Cisco Firepower extension
- Latest Dynatrace
- Extension
- Published Oct 27, 2025
Monitor the health of Cisco Firepower via SNMP with per-minute metrics, topology, and dashboards.
Get started
Overview
The Cisco Firepower extension uses SNMP to collect metrics from your Cisco Firepower devices. Metric data is collected each minute to track the performance and health of your Firepower devices. Dynatrace unified analysis pages provide at-a-glance access and analysis for your Ops, DevOps and IT Admins.
Activation and setup
Find the extension in Dynatrace Hub to and add it to your environment.
Then, provide the necessary device configuration, and Dynatrace will automatically deploy the extension and start monitoring.
Details
The extension package contains:
- SNMP data source configuration for metric ingestion
- Topology definitions for Cisco Firepower devices.
- Dashboards offering monitoring overviews
- Unified Analysis pages for each created entity
The extension is built on top of the SNMP data source that is part of Dynatrace Extensions framework.
Feature sets
When activating your extension using monitoring configuration, you can limit monitoring to one of the feature sets. To work properly the extension has to collect at least one metric after the activation.
In highly segmented networks, feature sets can reflect the segments of your environment. Then, when you create a monitoring configuration, you can select a feature set and a corresponding ActiveGate group that can connect to this particular segment.
All metrics that aren't categorized into any feature set are considered to be the default and are always reported.
A metric inherits the feature set of a subgroup, which in turn inherits the feature set of a group. Also, the feature set defined on the metric level overrides the feature set defined on the subgroup level, which in turn overrides the feature set defined on the group level.
| Metric name | Metric key | Description |
|---|---|---|
| 1550 (Ethernet) blocks | snmp.cisco.firepower.blocks.ethernet | Used to store Ethernet packets for processing through the threat defense device |
| 80 (TCP intercept) blocks | snmp.cisco.firepower.blocks.tcpintercept | Used in TCP intercept to generate acknowledgment packets and for failover hello messages |
| Metric name | Metric key | Description |
|---|---|---|
| CRAS Active Sessions | snmp.cisco.firepower.asa.cras.num_sessions | The number of currently active sessions. A session is 'active' if it is ready to carry application traffic. |
| Metric name | Metric key | Description |
|---|---|---|
| — | com.dynatrace.extension.network_device.sysuptime | — |
| — | com.dynatrace.extension.network_device.memory_used | — |
| — | com.dynatrace.extension.network_device.memory_free | — |
| — | com.dynatrace.extension.network_device.cpu_usage | — |
| — | com.dynatrace.extension.network_device.if.bytes_in.count | — |
| — | com.dynatrace.extension.network_device.if.bytes_out.count | — |
| — | com.dynatrace.extension.network_device.if.in.errors.count | — |
| — | com.dynatrace.extension.network_device.if.in.discards.count | — |
| — | com.dynatrace.extension.network_device.if.out.errors.count | — |
| — | com.dynatrace.extension.network_device.if.out.discards.count | — |
| — | com.dynatrace.extension.network_device.if.status | — |
| HA Status | snmp.cisco.firepower.ha.status | This object contains the current HA status of the resource. |
| Metric name | Metric key | Description |
|---|---|---|
| CPU Usage - 1 min | snmp.cisco.firepower.cpu.total.1min | The overall CPU busy percentage in the last minute. |
| CPU Usage - 5 min | snmp.cisco.firepower.cpu.total.5min | The overall CPU busy percentage in the last 5 minute period. |
| Metric name | Metric key | Description |
|---|---|---|
| Memory used | snmp.cisco.firepower.memory.used | Indicates the number of bytes from the memory pool that are currently used on the physical entity. |
| Metric name | Metric key | Description |
|---|---|---|
| Total amount of disk space for the specified file system | snmp.cisco.firepower.disk.cfprSmDiskFileSystemTotalKb | — |
| Used disk space for the specified file system | snmp.cisco.firepower.disk.cfprSmDiskFileSystemUsedKb | — |
| Metric name | Metric key | Description |
|---|---|---|
| Fault severity | snmp.cisco.firepower.fault.severity | 0 => 'cleared', 1 => 'info', 2 => 'condition', 3 => 'warning', 4 => 'minor', 5 => 'major', 6 => 'critical' |
| Metric name | Metric key | Description |
|---|---|---|
| Total amount of memory in kB | snmp.cisco.firepower.cfprSmMonitorMemTotalKb | — |
| Total amount of used memory in kB | snmp.cisco.firepower.cfprSmMonitorMemUsedKb | — |
| Used memory pool | snmp.cisco.firepower.memory.cempMemPoolUsed | Indicates the number of bytes from the memory pool that are currently in use by applications on the physical entity. |
| Free memory pool | snmp.cisco.firepower.memory.cempMemPoolFree | Indicates the number of bytes from the memory pool that are currently not in use by applications on the physical entity. |
| Metric name | Metric key | Description |
|---|---|---|
| Declined connections | snmp.cisco.firepower.connections.cufwConnGlobalNumResDeclined | The number of connections which were attempted to be setup but which were declined due to non-availability of required resources. This value is accumulated from the last reboot of the firewall. |
| Active connections | snmp.cisco.firepower.connections.cufwConnGlobalNumActive | The number of connections which are currently active. |
| Connection rate (per 1 minute) | snmp.cisco.firepower.connections.cufwConnGlobalConnSetupRate1 | The averaged number of connections which the firewall establishing per second, averaged over the last 60 seconds. |
| UDP connection rate (per 1 minute) | snmp.cisco.firepower.connections.cufwConnGlobalConnSetupRate1.udp | The averaged number of UDP connections which the firewall establishing per second, averaged over the last 60 seconds. |
| TCP connection rate (per 1 minute) | snmp.cisco.firepower.connections.cufwConnGlobalConnSetupRate1.tcp | The averaged number of TCP connections which the firewall establishing per second, averaged over the last 60 seconds. |
| Metric name | Metric key | Description |
|---|---|---|
| Interface speed | snmp.cisco.firepower.interface.ifHighSpeed | An estimate of the interface's current bandwidth in units of 1,000,000 bits per second. If this object reports a value of n' then the speed of the interface is somewhere in the range of n-500,000' to `n+499,999'. For interfaces which do not vary in bandwidth or for those where no accurate estimation can be made, this object should contain the nominal bandwidth. For a sub-layer which has no concept of bandwidth, this object should be zero. |
| Octets received | snmp.cisco.firepower.interface.ifInOctets.count | The total number of octets received on the interface including framing characters |
| Octets transmitted | snmp.cisco.firepower.interface.ifOutOctets.count | The total number of octets transmitted out of the interface including framing characters |
| Inbound errors | snmp.cisco.firepower.interface.ifInErrors.count | Number of inbound packets/transmission units with errors |
| Inbound discards | snmp.cisco.firepower.interface.ifInDiscards.count | Number of inbound packets discarded |
| Outbound errors | snmp.cisco.firepower.interface.ifOutErrors.count | Number of outbound packets/transmission units with errors |
| Outbound discards | snmp.cisco.firepower.interface.ifOutDiscards.count | Number of outbound packets discarded |
