WebVPN context name
|
Name of the context.
|
User session statistics:
|
Active user sessions
|
Total number of currently active user sessions on the gateway.
|
Peak user sessions
|
Maximum number of simultaneous user sessions on the gateway since the gateway came up.
|
Active user TCP conns
|
Total number of currently active TCP connections that were initiated from the client side toward the SSL VPN gateway.
|
Session alloc failures
|
Total number of session allocation failures that were initiated from the client side. These failures occur because of a lack
of memory on the gateway.
Examples:
-
No free slot in session table
-
No memory for session allocation
-
No memory for gateway cookie allocation
-
Not enough memory on the gateway
|
VPN session timeout
|
Information about the number of times the web VPN session timer has expired. This value reflects the full total for all the
contexts that are configured at the gateway. The session timer is off by default, and it is enabled when an administrator
intentionally uses the command-line interface (CLI) timeout session
number argument under the
group
policy command submode.
|
User cleared VPN sessions
|
Total number of user-removed (or cleared) VPN sessions on the gateway. For example, if any user sessions are cleared using
the CLI command
clear
webvpn
session
user-name
context
context-name , the counter is incremented by one.
|
AAA pending reqs
|
Total number of pending authentication, authorization, and accounting (AAA) requests on the gateway.
|
Peak time
|
Time elapsed since the peak number of simultaneous user sessions were observed on the gateway.
|
Terminated user sessions
|
Total number of expired user sessions on the gateway.
Examples:
-
User logout sessions
-
Session cookie removed
|
Authentication failures
|
Total number of authentication failures on the gateway.
Examples:
|
VPN idle timeout
|
Number of times the idle timer expired for all the contexts configured at the security gateway. Idle time refers to the time
for which an active session can be left unattended (maximum time for which a session is up even though no traffic flows through
the connection).
|
Exceeded ctx user limit
|
Total number of denied logins on the gateway that exceeded the context maximum user limit.
|
CEF switched packets (for client and server)
|
Packets that were CEF-switched.
|
CEF punted packets (for client and server)
|
Packets that could not be CEF-switched in a box with CEF switching enabled and that were "punted" to the next switching level.
|
Mangling statistics:
|
Relative urls
|
Number of URLs that point to a file/directory in relation to the present file/directory.
|
Non-http(s) absolute urls
|
Number of non-HTTP- relative URLs that are mangled.
|
Interesting tags
|
Number of HTTP, Cascade Style Sheets (CSS), or JavaScript tags that are mangled.
|
Interesting attributes
|
HTTP attributes, JavaScript, or CSS attributes that are mangled.
|
Embedded script statement
|
Embedded JavaScripts that were mangled.
|
Inline scripts
|
Number of inline CSSs that were mangled.
|
HTML comments
|
Number of HTML comments that were encountered.
|
HTTP/1.1 requests
|
Number of HTTP 1.1 requests that were encountered.
|
GET requests
|
Number of HTTP 1.0 or 1.1 GET requests that were encountered.
|
CONNECT requests
|
Number of HTTP 1.0 or 1.1 CONNECT requests that were encountered.
|
Pipelined requests
|
Number of requests dropped due to pipelines (pipelined requests are currently not supported).
|
Processed req hdr bytes
|
Total number of bytes in the requests made by the HTTP header to the backend server.
|
HTML /1.0 responses
|
Number of HTTP 1.0 responses that were encountered.
|
HTML responses
|
Total number of HTML pages that were received at the gateway.
|
XML responses
|
Total number of XML pages/responses that were received at the gateway.
|
Other content type resp
|
Total number of responses that were received other than HTML, XML, JavaScript, or CSS.
|
Resp with encoded content
|
Number of supported responses that were already encoded by the backend server.
|
Processed resp hdr size
|
Number of bytes in the headers of HTTP responses that were processed at the gateway.
|
Backend https response
|
Number of HTTP pages sent to the client by the backend server.
|
Absolute urls
|
Number of absolute HTTP URLs that were mangled.
|
Non-standard path urls
|
Number of non-HTTP-relative URLs that were mangled.
|
Uninteresting tags
|
HTTP attributes, JavaScript, or CSS attributes that were mangled.
|
Uninteresting attributes
|
Number of attributes that were not mangled (for instance, XML attributes).
|
Embedded style statement
|
Embedded CSS and other styling sheets that were mangled.
|
Inline styles
|
Number of inline CSSs that were mangled.
|
HTTP/1.0 requests
|
Number of HTTP 1.0 requests that were encountered.
|
Unknown HTTP version
|
Number of HTTP version requests other than 1.0 and 1.1.
|
POST requests
|
Number of HTTP 1.0 or 1.1 POST requests that were encountered.
|
Other request methods
|
Number of non- (1.0 or 1.1) HTTP requests plus the number of requests other than GET, POST, or CONNECT.
|
Gateway requests
|
Number of requests made explicitly to the gateway.
|
Req with header size >1K
|
Number of requests to the backend server having a header size greater than 1024 bytes.
|
Processed req body bytes
|
Total number of bytes processed while parsing HTML requests (body means the total bytes processed or read in an HTML request
excluding the header).
|
HTTP/1.1 responses
|
Number of HTTP 1.1 responses that were received at the gateway.
|
CSS responses
|
Total number of CSS tags that were received.
|
JS responses
|
Total number of JavaScript responses that were received at the gateway.
|
Chunked encoding resp
|
Number of times transfer encoding was set to "chunked" in an HTTP response.
|
Resp with content length
|
Number of non-zero content-length responses.
|
Resp with header size > 1K
|
Responses received at the gateway with a header size greater than 1 kilobyte.
|
Processed resp body bytes
|
Total number of bytes that were processed in responses (number of bytes in the bodies of the messages).
|
Chunked encoding requests
|
Number of requests that were chunk encoded.
|
CIFS statistics:
|
SMB related Per Context:
|
TCP VC’s
|
Backend TCP connections established successfully (thus far).
|
Active VC’s
|
Currently active TCP/User Datagram Protocol (UDP) connections.
|
Aborted Conns
|
Number of TCP-terminated connections (thus far).
|
UDP VC’s
|
Backend TCP connections established successfully (thus far).
|
Active Contexts
|
Currently active Server Message Block (SMB) contexts.
|
NetBIOS related Per Context:
|
Name Queries
|
NetBIOS name service (NBNS) name queries that have been sent.
|
NB DGM Requests
|
NetBios datagram service-related GET backup browser-list queries that have been sent.
|
NB TCP Connect Fails
|
NetBios TCP connections that failed.
|
Name Replies
|
NBNS name-query replies that have been received. Mismatch indicates that browsers/primary domain controller (PDC)/servers
could not be contacted.
|
NB DGM Replies
|
NetBIOS datagram service-related GET backup browser replies were received. Request/reply mismatch indicates that a browse
domain attempt would not work.
|
NB Name Resolution Fails
|
NetBIOS name resolution requests sent to the PDC failed.
|
HTTP related Per Context:
|
Requests
|
Number of HTTP requests made per a CIFS application context.
|
Request Packets RX
|
Number of HTTP packets received per a CIFS application context.
|
Response Packets TX
|
Number of HTTP packets sent per a CIFS application context.
|
Active CIFS context
|
Number of active CIFS application module contexts on which CIFS requests are being processed.
|
Request Bytes RX
|
Number of HTTP bytes received per a CIFS application context.
|
Response Bytes TX
|
Number of HTTP bytes sent per a CIFS application context.
|
Active Connections
|
Number of active CIFS connections.
|
Requests Dropped
|
Number of HTTP requests dropped per CIFS application context.
|
Socket statistics:
|
Sockets in use
|
Number of sockets that are in use by SSL VPN socket layer.
|
Sock Data Buffers in use
|
Number of data buffers that are used by the socket layer.
|
Select timers in use
|
Number of socket select timers that are in use.
|
Sock TX Blocked
|
Number of times an application send was blocked by TCP congestion control.
|
Sock Rx Blocked
|
Number of times an application blocked further reception of data from the TCP layer. The blocking indicates application buffer
starvation or a processing limit.
|
Sock UDP Connects
|
Number of UDP connects to the gateway.
|
Sock Premature Close
|
Number of times an application received a Closed connection before it could be established.
|
Sock Select Timeout Errs
|
Number of times a socket select timeout error occurred.
|
Sock Usr Blocks in use
|
Number of user blocks in use.
|
Sock Buf desc in use
|
Number of socket buffer descriptors in use.
|
Sock Select Timeouts
|
Number of times an application timed out while waiting for a reply in a request/reply exchange or while waiting for a TCP
connection to be established.
|
Sock Tx Unblocked
|
Number of times an application send resumed after being blocked due to TCP congestion control. If the transmit blocked and
unblocked do not match after a sufficient period of time, the transaction is stalled.
|
Sock Rx Unblocked
|
Number of times an application resumed further reception of data from the TCP layer. If receive blocked and unblocked do
not match after a sufficient period of time, the transaction is stalled.
|
Sock UDP Disconnects
|
Number of UDP disconnects to the gateway.
|
Sock Pipe Errors
|
Number of times socket pipe establishment failed.
|
WEBVPN Citrix statistics:
|
Server
|
Packets in
|
Number of packets received from the server.
|
Packets out
|
Number of packets sent to the server.
|
Bytes in
|
Number of bytes received from the server.
|
Bytes out
|
Number of bytes sent to the server.
|
Client
|
Packets in
|
Number of packets received from the client.
|
Packets out
|
Number of packets sent to the client.
|
Bytes in
|
Number of bytes received from the server.
|
Bytes out
|
Number of bytes sent to the client.
|
Tunnel Statistics:
|
Active connections
|
Number of active tunnels.
|
Peak connections
|
Maximum number of simultaneously active tunnels as observed since the last reboot of the Cisco IOS router or last counter
reset.
|
Connect succeed
|
Number of tunnel connections that have succeeded since the last reboot of the Cisco IOS router or last counter reset.
|
Reconnect succeed
|
Number of tunnel connections that have succeeded in reconnecting since the last reboot of the Cisco IOS router or last counter
reset.
|
SVCIP install IOS succeed
|
Number of times, during the SSL VPN Client (SVC)/AnyConnect package installation, that the frame IP address or allocated
IP address is used (IP address sticky).
|
SVCIP clear IOS succeed
|
Number of times an SVC IP address is successfully removed from the IP alias on the core.
|
SVCIP install TCP succeed
|
Number of tunnel connections that have succeeded since the last reboot of the Cisco IOS router or last counter reset.
|
DPD timeout
|
Number of Dead Peer Detection (DPD) timeout sessions.
|
Peak time
|
Absolute timestamp when the peak full-tunnel connections were observed.
|
Connect failed
|
Number of tunnel connections that have failed since the last reboot of the Cisco IOS router or last counter reset.
|
Reconnect failed
|
Number of tunnel connections that have failed in reconnecting since the last reboot of the Cisco IOS router or last counter
reset.
|
SVCIP install IOS failed
|
Total number of times, during the SVC/AnyConnect installation, that an IP assignment from the pool fails or failed to configure
an IP address to the virtual route forwarding (VRF) table.
|
SVCIP clear IOS failed
|
Number of times an STC IP address could not be removed from the IP alias on the core.
|
SVCIP install TCP failed
|
Number of tunnel connections that have failed since the last reboot of the Cisco IOS router or last counter reset.
|
Client
|
in CSTP frames
|
Number of Cisco SSL Tunnel Protocol (CSTP) frames from the client.
|
in CSTP data
|
Number of CSTP data frames from the client.
|
in CSTP control
|
Number of CSTP control frames from the client.
|
in CSTP Addr Reqs
|
Number of IP address renewal requests received by the gateway.
|
in CSTP DPD Reqs
|
Number of DPD requests received at the gateway.
|
in CSTP DPD Resps
|
Number of DPD responses received at the gateway (The client sends the DPD requests, the gateway responds to the transmission,
and the client responds back. It is this response that is counted here.)
|
in CSTP Msg Reqs
|
Number of times a CSTP message control frame is received at the gateway.
|
in CSTP bytes
|
Number of CSTP bytes (data+control frames) from the client.
|
out CSTP frames
|
Number of CSTP frames to the client.
|
out CSTP data
|
Number of CSTP data frames to the client.
|
out CSTP control
|
Number of CSTP control frames to the client.
|
out CSTP DPD Reqs
|
Number of times at-gateway CSTP control frames were generated.
|
out CSTP DPD Resps
|
Number of times the gateway processed a CSTP DPD request frame.
|
out CSTP Msg Reqs
|
Number of times the gateway generated a CSTP message (MSG) frame.
|
out CSTP bytes
|
Number of CSTP bytes (data+control frames) to the client.
|
Server
|
out IP pkts
|
IP datagrams that are successfully forwarded to the server.
|
out bad pkts
|
Number of times a bad tunneled IP packet was dropped at the gateway.
|
out filtered pkts
|
Number of times a tunneled IP packet was dropped at the gateway due to a named or numbered ACL that was configured at the
gateway.
|
out non fwded pkts
|
Number of times a tunneled IP packet could not be forwarded due to routing issues.
|
out forwarded pkts
|
Number of times a tunneled IP packet was successfully forwarded by the gateway.
|
out IP bytes
|
IP datagram bytes that are successfully forwarded to the server.
|
in IP pkts
|
IP datagrams that are successfully received from the server.
|
in IP bytes
|
IP datagram bytes that are successfully received from the server.
|