Cisco Success Network-Telemetry Data
Cisco Success Network is an always-on usage information and metrics collection feature in the Secure Firewall migration tool, which collects and trasmits usage statistics through a secure cloud connection between the migration tool and the Cisco cloud. These statistics help us provide additional support on unused features and also improve our products. When you initiate a migration process in the Secure Firewall migration tool, the corresponding telemetry data file is generated and stored in a fixed location.
When you push the migrated FDM-managed device configuration to management center, the push service reads the telemetry data file from the location and deletes it after the data is successfully uploaded to the cloud.
The migration tool provides two options to choose from, for streaming telemetry data—Limited and Extensive.
With Cisco Success Network set to Limited, the following telemetry data points are collected:
|
Data Point |
Description |
Example Value |
|---|---|---|
|
Time |
The time and date when the telemetry data is collected |
2023-04-25 10:39:19 |
|
Source Type |
The source device type |
ASA |
|
Device Model Number |
Model number of ASA |
ASA5585-SSP-10, 5969 MB RAM, CPU Xeon 5500 series 2000 MHz, 1 CPU (4 cores) |
|
Source Version |
Version of ASA |
9.2 (1) |
|
Target Management Version |
The target version of management center |
6.5 or later |
|
Target Management Type |
The type of target management device, namely, management center |
Management Center |
|
Target Device Version |
The version of target device |
75 |
|
Target Device Model |
The model of target device |
Cisco Secure Firewall Threat Defense for VMware |
|
Migration Tool Version |
The version of the migration tool |
1.1.0.1912 |
|
Migration Status |
The status of the migration of ASA configuration to management center |
SUCCESS |
The following tables provide information on the telemetry data points, their descriptions, and sample values, when Cisco Success Network is set to Extensive:
| Data Point | Description | Example Value |
|---|---|---|
|
Operating System |
Operating system that runs the Secure Firewall migration tool. It could be Windows7/Windows10 64-bit/macOS High Sierra |
Windows 7 |
|
Browser |
Browser used to launch the Secure Firewall migration tool. It could be Mozilla/5.0 or Chrome/68.0.3440.106 or Safari/537.36 |
Mozilla/5.0 |
| Data Point | Description | Example Value |
|---|---|---|
|
Source Type |
The source device type |
FDM |
|
Source Device Serial Number |
Serial number of FDM-managed device |
Cisco Firepower Threat Defense for VMware |
|
Source Device Version |
Version of FDM-managed device |
7.2.0-8.0 |
|
Firewall Mode |
The firewall mode configured on FDM-managed device - routed or transparent |
ROUTED |
|
Context Mode |
The context mode of FDM-managed device. This can be single or multi-context. |
SINGLE |
|
FDM-Managed Device Config Statistics: |
||
|
ACL Counts |
The number of ACLs which are attached to access group |
46 |
|
Access Rules Counts |
The total number of access rules |
46 |
|
NAT Rule Counts |
The total number of NAT rules |
17 |
|
Network Object Counts |
The number of network objects configured in FDM-managed device |
34 |
|
Network Object Group Counts |
The number of network object groups in FDM-managed device |
6 |
|
Port Object Counts |
The number of port objects |
85 |
|
Port Object Group Counts |
The number of port object groups |
37 |
|
Unsupported Access Rules Count |
The total number of unsupported access rules |
3 |
|
Unsupported NAT Rule Count |
The total number of unsupported NAT access rules |
0 |
|
FQDN Based Access Rule Counts |
The number of FQDN -based access rules |
7 |
|
Time range Based Access Rule Counts |
The number of time range based access rules |
1 |
|
SGT Based Access Rule Counts |
The number of SGT-based access rules |
0 |
|
Summary of Config lines that Tool is not able to parse |
||
|
Unparsed Config Count |
The number of config lines that are unrecognized by the parser |
68 |
|
Total Unparsed Access Rule Counts |
The total number of unparsed access rules |
3 |
|
More FDM-Managed Device config details... |
||
|
Is RA VPN Configured |
Whether RA VPN is configured on FDM-managed device |
false |
|
Is S2S VPN Configured |
Whether Site-to-Site VPN is configured on FDM-managed device |
false |
|
Is BGP Configured |
Whether BGP is configured on FDM-managed device |
false |
|
Is EIGRP Configured |
Whether EIGRP is configured on FDM-managed device |
false |
|
Is OSPF Configured |
Whether OSPF is configured on FDM-managed device |
false |
|
Local Users Counts |
The number of local users configured |
0 |
| Data Point | Description | Example Value |
|---|---|---|
|
Target Management Type |
The type of target management device, namely, management center |
Management Center |
|
Target Device Version |
The version of target device |
75 |
|
Target Device Model |
The model of target device |
Cisco Secure Firewall Threat Defense for VMware |
| Data Point | Description | Example Value |
|---|---|---|
|
Access Control Policy |
||
|
Name |
The name of access control policy |
Doesn't Exist |
|
Partially Migrated ACL Rule Counts |
The total number of partially migrated ACL rules |
3 |
|
Expanded ACP Rule Counts |
The number of expanded ACP rules |
0 |
|
NAT Policy |
||
|
Name |
The name of NAT policy |
Doesn't Exist |
|
NAT Rule Counts |
The total number of migrated NAT rules |
0 |
|
Partially Migrated NAT Rule Counts |
The total number of partially migrated NAT rules |
0 |
|
More migration details... |
||
|
Interface Counts |
The number of updated interfaces |
0 |
|
Sub Interface Counts |
The number of updated subinterfaces |
0 |
|
Static Routes Counts |
The number of static routes |
0 |
|
Objects Counts |
The number of objects created |
34 |
|
Object Group Counts |
The number of object groups created |
6 |
|
Security Zone Counts |
The number of security zones created |
3 |
|
Network Object Reused Counts |
The number of objects reused |
21 |
|
Network Object Rename Counts |
The number of objects that are renamed |
1 |
|
Port Object Reused Counts |
The number of port objects that are reused |
0 |
|
Port Object Rename Counts |
The number of port objects that are renamed |
0 |
| Data Point | Description | Example Value |
|---|---|---|
|
Conversion Time |
The time taken to parse FDM-managed device configuration lines (in minutes) |
14 |
|
Migration Time |
The total time taken for end-to-end migration (in minutes) |
592 |
|
Config Push Time |
The time taken to push the final configuration (in minutes) |
7 |
|
Migration Status |
The status of the migration of FDM-managed device configuration to management center |
SUCCESS |
|
Error Message |
The error message as displayed by the Secure Firewall migration tool |
null |
|
Error Description |
The description about the stage when the error has occurred and the possible root cause |
nul |
Telemetry FDM Example File
Thefollowing is an example of a telemetry data file on the migration of FDM-managed device configuration to threat defense:
{
"metadata": {
"contentType": "application/json", "topic": "migrationtool.telemetry"
},
"payload": { "FDM_config_stats": {
"access_rules_counts": 46,
"acl_counts": 46,
"fqdn_based_access_rule_counts": 7, "is_bgp_configured": false, "is_eigrp_configured": false, "is_multicast_configured": false, "is_ospf_configured": false, "is_pbr_configured": false, "is_ra_vpn_configured": false, "is_s2s_vpn_configured": false, "is_snmp_configured": false, "local_users_counts": 0,
"nat_rule_counts": 17,
"network_object_counts": 34,
"network_object_group_counts": 6,
"port_object_counts": 85,
"port_object_group_counts": 37,
"sgt_based_access_rules_count": 0,
"timerange_based_access_rule_counts": 1,
"total_unparsed_access_rule_counts": 3,
"unparsed_config_count": 68,
"unsupported_access_rules_count": 3,
"unsupported_nat_rule_count": 0
},
"context_mode": "SINGLE", "error_description": null, "error_message": null, "firewall_mode": "ROUTED", "migration_status": "SUCCESS", "migration_summary": {
"access_control_policy": [ [
{
"access_rule_counts": 0,
"expanded_acp_rule_counts": 0, "name": "Doesn't Exist",
"partially_migrated_acl_rule_counts": 3
}
]
],
"interface_counts": 0,
"interface_group_counts": 0, "nat_Policy": [
[
{
"NAT_rule_counts": 0, "name": "Doesn't Exist",
"partially_migrated_nat_rule_counts": 0
}
]
],
"network_object_rename_counts": 1,
"network_object_reused_counts": 21,
"object_group_counts": 6,
"objects_counts": 34,
"port_object_rename_counts": 0,
"port_object_reused_counts": 0,
"security_zone_counts": 3,
"static_routes_counts": 0,
"sub_interface_counts": 0
},
"migration_tool_version": "1.1.0.1912",
"source_config_counts": 504,
"source_device_model_number": " FDM5585-SSP-10, 5969 MB RAM, CPU Xeon 5500 series 2000 MHz, 1 CPU (4 cores)",
"source_device_serial_number": "JAF1528ACAD", "source_device_version": "9.6(2)", "source_type": "FDM",
"system_information": {
"browser": "Chrome/69.0.3497.100", "operating_system": "Windows NT 10.0; Win64; x64"
},
"target_device_model": "Cisco Firepower Threat Defense for VMWare", "target_device_version": "75",
"target_management_type": "Management Center", "target_management_version": "6.2.3.3 (build 76)",
"time": "2018-09-28 18:17:56",
"tool_performance": { "config_push_time": 7,
"conversion_time": 14,
"migration_time": 592
}
},
"version": "1.0"
Feedback