Cisco ASA/ASR | LogicMonitor

About us

Get to know LogicMonitor and our team.

Get to know us

Services

Resources

Explore our blogs, guides, case studies, eBooks, and more actionable insights to enhance your IT monitoring and observability.

Learn

Documentation

Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.

Support

Platform
- Platform
  
  Get real-time insights and automation for comprehensive, seamless monitoring with agentless architecture.
  
  Platform Overview
- Infrastructure Monitoring
- Network monitoring
- Server monitoring
- Remote monitoring
- Virutal machine monitoring
- SD-WAN monitoring
- Database monitoring
- Storage monitoring
- Configuration monitoring
- Cloud Monitoring
- Container monitoring
- AWS Monitoring
- GCP Monitoring
- Azure Monitoring
- Digital experience
- SaaS monitoring
- Website monitoring
- APM
- AIOPS
- Edwin AI
- Event Intelligence
- GenAI Agent
- Integrations
- Security
- Dashboards
- Platform demo
- Logs
Solutions
- Solutions
  
  Whether you work in MSP, Enterprise IT or somewhere in between, the solution is clear.
  
  Solutions overview
- By Initiative
- Digital transformation
- Cloud migration
- Tool consolidation
- Reduce MTTR
- Cost Optimization
- Automation
- Operational efficiency
- Modernization
- AI Workloads
- By Industry
- Financial services
- Health and life sciences
- Manufacturing
- Retail
- Education
- State and local
- Software companies
- MSP
Pricing
Customers
Resources
- Resources
  
  Explore our blogs, guides, case studies, eBooks, and more actionable insights to enhance your IT monitoring and observability.
  
  View Resources
- Learn
- Blog
- Case studies
- Events
- LM Academy
- Product News
- Elevate Community Conference
Company
- About us
  
  Get to know LogicMonitor and our team.
  
  About us
- Get to know us
- Leadership
- Awards
- Press
- Careers
- Contact & locations
- Connect
- Blog
- Case studies
- Events
- LM Academy
- Product News
- Elevate Community Conference
- Services
- Professional services
- Partners
- Customer success
- LM community
Documentation
- Documentation
  
  Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.
  
  View Resources
- Support
- Documentation
- Developer docs
- Support tickets
- Release notes

TRY IT FREE

ON DEMAND DEMO

Product Documentation

When performing data collection on a Cisco ASA firewall using the MIB-2 interface counters (IF-MIB), the discarded packets counters (ifInDiscards/ifOutDiscards) behave differently for subinterfaces and physical interfaces:

If you are using a subinterface as a routed interface, ifInDiscards/ifOutDiscards will increment for each packet that is dropped due to policy. You are likely to see discards on subinterfaces, though this does not necessarily indicate a problem.
If you are using a physical interface as a routed interface, ifInDiscards/ifOutDiscards will not increment for each packet dropped due to policy. Discards on physical interfaces may be the result of buffer overflows or other packet handling decisions made by the ASA software.

This behavior has been confirmed on ASA software 7.2.

Notes:

This behavior is technically valid. Discards counter is defined as “the number of packets which were chosen to be discarded – even though no errors had been detected – to prevent their being deliverable to a higher-layer protocol.”
When monitoring clustered ASAs, you must add each individual ASA by its Local IP address. You cannot poll consolidated data for the cluster.
Always use the Local address, and not the main cluster IP address for SNMP polling. If the SNMP agent polls the main cluster IP address, if a new master is elected, the poll to the new master unit will fail.