About Cisco FXOS MIB Files

This chapter includes the following sections:

Cisco FXOS MIB Files

FXOS MIB files are a set of objects that are private extensions to the IETF standard MIB II. MIB II is documented in RFC 1213, Management Information Base for Network Management of TCP/IP-based Internets: MIB-II. Portions of MIB-II have been updated since RFC 1213. See the IETF website http://www.ietf.org for the latest updates to this MIB.

If your NMS cannot get requested information from FXOS, then the MIB that allows that specific data collection might be missing. Typically, if an NMS cannot retrieve a particular MIB variable, either the NMS does not recognize that MIB variable, or the agent does not support the MIB variable. If the NMS does not recognize a specific MIB variable, you might need to load the MIB into the NMS, usually with a MIB compiler. For example, you might need to load the Cisco FXOS private MIB or the supported RFC MIB into the NMS to execute the required data collection. If the agent does not support a specific MIB variable, you must find out what version of system software you are running. Different software releases support different MIBs.


Note

Cisco and IETF MIBs are updated frequently. You should download and install the latest FXOS MIBs from Cisco.com whenever you upgrade the FXOS software. Unique versions of the FXOS MIBs are generated for each software release and are posted with the release.

Downloading Cisco FXOS MIB Files from Cisco.com

Before you begin

Cisco FXOS MIBs are generated for each software release and are posted with the release.

Procedure

Step 1

Open a browser and go to the following URL:

https://software.cisco.com/download/navigator.html?mdfid=286291275&flowid=79503

Step 2

In the lower-right list, select your Security Appliance series: Firepower 2100 Series, Firepower 1000 Series, or Secure Firewall 3100 Series.

The lower-right list changes to show the available models for the selected series.

Step 3

Select your Security Appliance model from the list.

The Download Software page lists available categories of software for your security appliance.

Step 4

In the Select a Software Type list, select Firepower Threat Defense Software.

Step 5

Select your software version from the menu on the left and then click Download for the Firepower Threat Defense MIBs item.

Note

 

MIB files are not posted with patch software releases.

Cisco FXOS Faults

A fault is a mutable object that is managed by the FXOS. Each fault represents a failure or an alarm threshold that has been raised. During the life cycle of a fault, it can change from one state or severity to another.

Each fault includes information about the operational state of the affected object at the time the fault was raised. If the fault is transitional and the failure is resolved, then the object transitions to a functional state.

A fault remains in FXOS until the fault is cleared and deleted according to the settings in the fault collection policy.

The following table lists the FXOS traps included in the CISCO-FIREPOWER-AP-NOTIFS-MIB.

Table 1. CISCO-FIREPOWER-AP-NOTIFS-MIB Traps

Trap

Description

cfprApFaultActiveNotif

The OID for this SNMP trap is .1.3.6.1.4.1.9.9.826.2.0.1.

This notification is generated by FXOS whenever a fault is raised.

cfprApFaultClearNotif

The OID for this SNMP trap is .1.3.6.1.4.1.9.9.826.2.0.2.

This notification is generated by FXOS whenever a fault is cleared.

All FXOS faults are available with SNMP using the cfprApFaultInstTable table and the CISCO-FIREPOWER-AP-FAULT-MIB. The table contains one entry for every fault instance. Each entry has variables to indicate the nature of a problem, such as its severity and type. The same object is used to model all FXOS fault types, including equipment problems, FSM failures, configuration or environmental issues, and connectivity issues. The cfprApFaultInstTable table includes all active faults (those that have been raised and need user attention), and all faults that have been cleared but not yet deleted because of the retention interval.

The cfprApFaultInstTable table contains cfprApFaultInstEntry objects that can be queried through the XML API.Chassis Manager

The following table describes the attributes exposed by the cfprApFaultInstTable.

Table 2. cfprApFaultInstEntry Attritubes

Attribute

Description

Fault Instance ID (Table Index)

A unique integer that identifies the fault.

Affected Object DN

The distinguished name of the mutable object that has the fault.

Affected Object OID

The Object identifier (OID) of the mutable object that has the fault.

Creation Time

The time that the fault was created, depicted in UTC format.

Last Modification

The time when any of the attributes were modified.

Code

A code that provides information specific to the nature of the fault.

Type

The fault type.

Cause

The probable cause of the fault.

Severity

The severity of the fault. Fault severity transitions throughout the lifecyle of the fault, so several different fault severities can be reported during the lifecyle of a fault. These include:

  • Original severity reported when the fault was first detected

  • Current severity reported for the fault

  • Previous severity reported for the fault

  • Highest severity reported for the fault

Occurrence

The number of times that a fault has occurred since it was created.

Description

A human readable string that contains all information related to the fault.

FXOS sends a cfprApFaultActiveNotif event notification whenever a fault is raised. There is one exception to this rule: FXOS does not send event notifications for FSM faults. The trap variables indicate the nature of the problem, including the fault type. FXOS sends a cfprApFaultClearNotif event notification whenever a fault has been cleared. A fault is cleared when the underlying issue has been resolved.

The cfprApFaultActiveNotif and cfprApFaultClearNotif traps are defined in the CISCO-FIREPOWER-AP-NOTIFS-MIB. All faults can be polled using SNMP GET operations on the cfprApFaultInstTable, which is defined in the CISCO-FIREPOWER-AP-FAULT-MIB.


Note

The Data Management Engine (DME) generates the OID values dynamically. Due to this default behaviour, some of the OIDs in SNMP MIBs change after a reboot.

An example of SNMP OID values, before and after a reboot, from FP 9300:

Before reboot

cfprEtherFtwPortPairOperMode.31623 .1.3.6.1.4.1.9.9.826.1.21.33.1.22.31623 CISCO-FIREPOWER-ETHER-MIB
cfprEtherFtwPortPairOperMode.31625 .1.3.6.1.4.1.9.9.826.1.21.33.1.22.31625 CISCO-FIREPOWER-ETHER-MIB

After reboot

cfprEtherFtwPortPairOperMode.31623 .1.3.6.1.4.1.9.9.826.1.21.33.1.22.31625 CISCO-FIREPOWER-ETHER-MIB
cfprEtherFtwPortPairOperMode.31625 .1.3.6.1.4.1.9.9.826.1.21.33.1.22.31627 CISCO-FIREPOWER-ETHER-MIB

For more details about FXOS faults, see Cisco Firepower 2100 Series Faults and Error Messages.

Use Cases for Cisco FXOS MIBs

Common use cases for Cisco FXOS MIBs are described below.

Receiving Fault Event Notifications

If you want to use SNMP traps for fault event notification in your NMS, you must first load the prerequisite MIBs (see Prerequisite MIBs), then load the MIBs listed below.


Important

You should load the MIBs in the order listed to eliminate most of the load-order issues.

  • CISCO-FIREPOWER-AP-MIB.my

  • CISCO-FIREPOWER-AP-TC-MIB.my

  • CISCO-FIREPOWER-AP-FAULT-MIB.my

  • CISCO-FIREPOWER-AP-NOTIFS-MIB.my

The following table describes the traps included in the CISCO-FIREPOWER-AP-NOTIFS-MIB.

Table 3. CISCO-FIREPOWER-AP-NOTIFS-MIB Traps

Trap

Description

cfprApFaultActiveNotif

The OID that corresponds to this SNMP trap is .1.3.6.1.4.1.9.9.826.2.0.1.

This notification is generated by FXOS whenever a fault is raised.

cfprApFaultClearNotif

The OID that corresponds to this SNMP trap is .1.3.6.1.4.1.9.9.826.2.0.2.

This notification is generated by FXOS whenever a fault is cleared.

Gathering Inventory Information

FXOS MIBs can be used to gather information about the compute equipment in your Firepower 2100 series appliance, Firepower 1000 series, or Secure Firewall 3100 series. Inventory information includes data such as security modules, serial numbers, DIMMs, and other intelligence related to system equipment.

See Purpose of the Cisco FXOS MIBs, to learn more about which MIBs you need to add to your NMS to collect the inventory data that interests you.

Gathering Statistics

If you want to use SNMP as a way to gather statistics, use the table below as a guide to which MIBs to load and which tables in each MIB to query.


Note

The table lists the statistics most commonly monitored in FXOS, but it does not contain an exhaustive list of all statistics that can be monitored. To gather statistics beyond those listed below, refer to Purpose of the Cisco FXOS MIBs, review the content of the various packages, and download the additional MIB files necessary to meet your specific needs.

Table 4. MIBs to Use for Gathering Statistics
Statistics Type MIB that Gathers the Statistic Statistics Table Name and Objects in SNMP

Ethernet

CISCO-FIREPOWER-AP-ETHER-MIB

.1.3.6.1.4.1.9.9.826.2.1.21 is the parent OID where the key statistics reside.

cfprApEtherPauseStatsTable—Packet pause stats

cfprApEtherLossStatsTable—Packet loss stats

cfprApEtherErrStatsTable—Packet error stats

cfprApEtherTxStatsTable—Packet transmission stats

Objects in cfprApEtherTxStatsTable—cfprApEtherTxStatsEntry, cfprApEtherTxStatsInstanceId, cfprApEtherTxStatsJumboPackets, cfprApEtherTxStatsMulticastPackets, cfprApEtherTxStatsSuspect, cfprApEtherTxStatsThresholded, cfprApEtherTxStatsTimeCollected, cfprApEtherTxStatsTotalBytes, cfprApEtherTxStatsTotalPackets, cfprApEtherTxStatsUnicastPackets, cfprApEtherTxStatsUpdate, cfprApEtherTxStatsBroadcastPackets, cfprApEtherTxStatsIntervals

cfprApEtherRxStatsTable—Packet reception stats

Adapter

CISCO-FIREPOWER-AP-ADAPTOR-MIB

.1.3.6.1.4.1.9.9.826.2.1.3 is the parent OID where the key statistics reside.

cfprApAdaptorEthPortBySizeLargeStatsTable

cfprApAdaptorEthPortBySizeSmallStatsTable

cfprApAdaptorEthPortStatsTable

cfprApAdaptorEthPortOutsizedStatsTable

cfprApAdaptorEthPortMcastStatsTable

Blade and rack level

CISCO-FIREPOWER-AP-COMPUTE-MIB

.1.3.6.1.4.1.9.9.826.2.1.12 is the parent OID where the key statistics reside.

cfprApComputeMbPowerStatsTable—Provides all motherboard power statistics for every security module.

cfprApComputeMbTempStatsTable—Provides all motherboard temperature statistics for every security module.

Processor

CISCO-FIREPOWER-AP-PROCESSOR-MIB

.1.3.6.1.4.1.9.9.826.2.1.66 is the parent OID where the key statistics reside.

cfprApProcessorEnvStatsTable—Provides all CPU power and temperature statistics for every CPU socket.

Equipment

CISCO-FIREPOWER-AP-EQUIPMENT-MIB

.1.3.6.1.4.1.9.9.826.2.1.20 is the parent OID where the key statistics reside.

cfprApEquipmentFanStatsTable—Provides all statistics for every physical fan.

cfprApEquipmentFanModuleStatsTable—Provides all fan module temperature statistics for every fan module.

cfprApEquipmentChassisStatsTable—Provides all chassis level temperature statistics.

cfprApEquipmentPsuStatsTable—Provides all chassis level power and temperature statistics for every power supply.

cfprApEquipmentIOCardStatsTable—Provides all chassis level power and temperature statistics for the fabric interconnect.

Memory statistics

CISCO-FIREPOWER-AP-MEMORY-MIB

.1.3.6.1.4.1.9.9.826.2.1.50 is the parent OID where the key statistics reside.

cfprApMemoryUnitEnvStatsTable—Provides all memory DIMM temperature statistics for every memory module.

Switching statistics

CISCO-FIREPOWER-AP-SW-MIB

.1.3.6.1.4.1.9.9.826.2.1.75 is the parent OID where the key statistics reside.

cfprApSwEnvStatsTable—Provides configuration and status information on the switch configuration.

Security Module statistics

CISCO-FIREPOWER-AP-SM-MIB

.1.3.6.1.4.1.9.9.826.2.1.71 is the parent OID where key security-module statistics reside.

cfprApSmMonitorTable—Provides disk, CPU, and memory utilization statistics for each security module.

Storage statistics

CISCO-FIREPOWER-AP-STORAGE-MIB

.1.3.6.1.4.1.9.9.826.2.1.74.20 is the parent OID where storage statistics reside.

cfprApStorageItemTable—Provides storage element statistics.

Interface statistics

IF-MIB

1.3.6.1.2.1.2.2.1 is the parent OID where the interface statistics reside.

ifTable—Provides a list of interface entries. An entry contains management information applicable to a particular interface. It includes ifInDiscards, ifInErrors, ifOutDiscards, ifOutErrors, and so on.

Process statistics

CISCO-PROCESS-MIB

1.3.6.1.4.1.9.9.109 is the parent OID where the process statistics reside.

cpmCPUTotalTable contains cpmCPUTotalEntry which provides overall information about the CPU load. Entries in this table come and go as CPUs are added and removed from the system.

System statistics

CISCO-SYSTEM-EXT-MIB

1.3.6.1.4.1.9.9.305 is the parent OID where the CPU availability and bandwidth information resides

cseSysCPUUtilization —Provides the average utilization of CPU on the active supervisor.

Configuring snmpwalk Retry and Timeout Values

When you use snmpwalk to gather metrics of the device in bulk, you might experience long waiting hours. There is a default timeout, where the command waits for a response from device. You can change this default timeout and retry values: 

$ time snmpwalk -v2c -c cisco123 -r 1 -t 5 <IP Address> system

Here, -r 1 and -t 5 indicates retry for one time and timeout of 5 seconds respectively. Thus, a total timeout of 10 seconds is configured.

Types of MIBs

Chassis Management is based on the XML over HTTP model, which provides a rich data model to configure and monitor the system. This model includes polices, service profiles, configuration and monitoring data, and statistics.

To simplify the integration of FXOS with SNMP-based NMS, FXOS exposes the model through SNMP. The entire FXOS data model is exposed through the read-only Cisco FXOS MIBs. All objects that can be retrieved through the FXOS XML API can also be retrieved through FXOS MIBs.


Note

Each release maintains complete coverage of the XML API model through private MIBs.

Cisco Extensions to the IF-MIB

The IF-MIB supports basic management status and control of interfaces and sublayers within a network switch. Multiple standard and Cisco-specific MIBs use ifIndex from the IF-MIB to extend management for specific interface types. Cisco MIBs also enhance the two interface notifications, linkUp and linkDown, from the IF-MIB to provide a clearer indication of the reason for these notifications. Cisco MIBs add two varbinds to linkUp and linkDown as shown in the following table.

Table 5. Varbinds Added to IF-MIB Notifications

Notification

Varbinds Added

linkUp

ifDescr

linkDown

ifDescr