Liongard
Create
Log in
Sign up
Roadmap
Feedback
Metrics Library
970
Boards
Feature Requests
Metrics Library
Powered by Canny
Metrics Library
This is a community-led space where Liongard users can come to teach and learn from one another. Share custom Metrics, get inspired and see what’s trending in the Pride.
Details
Category
Veeam Service Provider Console
Windows Server
Microsoft 365
Cisco Meraki
Amazon Web Services
SonicWall
Internet Domain/DNS
Dark Web Monitoring
Google Workspace
N-able RMM
Hyper-V
Sophos XG
VMware ESXi
Azure Active Directory
SentinelOne
Huntress
Fortinet FortiGate
Azure
Duo Security
Roar
Windows Workstation
Active Directory
N-able Backup
Auvik
Datto RMM
WatchGuard
Ubiquiti UniFi
macOS
ConnectWise Manage
Continuum RMM
TLS/SSL Certificates
ESET Licensing
JumpCloud
Sophos Central
GoDaddy
IT Glue
KnowBe4
ConnectWise Automate
Cisco Small Business Solution (SBS)
Network Discovery
OneLogin
SQL Server
Kaseya BMS
NinjaRMM
Cisco Umbrella
Acronis Cyber Cloud
Cisco ASA
Palo Alto
N-able N-central
Autotask
Bitdefender
Managed Printer
Microsoft OneDrive
Microsoft Teams
VMware vCenter
Linux
Webroot Secure Anywhere GSM
Syncro
3CX
StorageCraft SPX
Cisco IOS
BCDR data
Cloudflare
Veeam Availability Console
Kaseya VSA
Domotz
Adigy
Datto Networking
Uncategorized
Showing
Trending
Sort
Trending
Top
New
Filter
Under Review
Planned
In Progress
Future Consideration
Candidate For Implementing
Under Consideration
Needs Review
Blocked
Under Development
Submitted
Reviewed
Complete
posts in
All Categories
All Categories
Veeam Service Provider Console (3)
Windows Server (80)
Microsoft 365 (127)
Cisco Meraki (18)
Amazon Web Services (7)
SonicWall (31)
Internet Domain/DNS (26)
Dark Web Monitoring (1)
Google Workspace (8)
N-able RMM (5)
Hyper-V (8)
Sophos XG (4)
VMware ESXi (3)
Azure Active Directory (29)
SentinelOne (10)
Huntress (9)
Fortinet FortiGate (20)
Azure (12)
Duo Security (23)
Roar (185)
Windows Workstation (51)
Active Directory (104)
N-able Backup (7)
Auvik (10)
Datto RMM (11)
WatchGuard (3)
Ubiquiti UniFi (10)
macOS (2)
ConnectWise Manage (3)
Continuum RMM (10)
TLS/SSL Certificates (8)
ESET Licensing (3)
JumpCloud (2)
Sophos Central (9)
GoDaddy (3)
IT Glue (10)
KnowBe4 (5)
ConnectWise Automate (5)
Cisco Small Business Solution (SBS) (4)
Network Discovery (9)
OneLogin (3)
SQL Server (4)
Kaseya BMS (1)
NinjaRMM (1)
Cisco Umbrella (8)
Acronis Cyber Cloud (2)
Cisco ASA (8)
Palo Alto (1)
N-able N-central (7)
Autotask (2)
Bitdefender (1)
Managed Printer (6)
Microsoft OneDrive (2)
Microsoft Teams (3)
VMware vCenter (2)
Linux (2)
Webroot Secure Anywhere GSM (11)
Syncro (1)
3CX (1)
StorageCraft SPX (1)
Cisco IOS (4)
BCDR data (15)
Cloudflare (1)
Veeam Availability Console (2)
Kaseya VSA (3)
Domotz (1)
Adigy (1)
Datto Networking (2)
Cisco ASA: SSH Rules Allowed Globally
This metric checks a Cisco ASA configuration for SSH traffic that is allowed globally on an outside interface. Management.SSH.Channels[?Source=='0.0.0.0' && (Service=='Outside' || Service=='OUTSIDE' || Service=='outside')] | length(@)
0
·
submitted
1
Cisco ASA: HTTP Rules Allowed Globally
This metric checks a Cisco ASA configuration for HTTP traffic that is allowed globally on an outside interface. Management.HTTP.Channels[?Source=='0.0.0.0' && (Service=='Outside' || Service=='OUTSIDE' || Service=='outside')] | length(@)
0
·
submitted
1
Cisco IOS: Syslog Detected
Determines if the device is logging to an external syslog server. contains(RunningConfig,'logging host') || contains(RunningConfig,'logging 1')
1
·
submitted
1
Cisco ASA: ASDM Version
Determines the ASDM image that is installed on the device. SystemInfo.DeviceManagerVersion
0
·
submitted
1
Cisco ASA: Windows Anyconnect Image Version
Determines the version of Windows Anyconnect that's installed on the ASA. SystemInfo.AnyConnectClientWindowsVersion
0
·
submitted
2
Cisco ASA: RDP (Port 3389) Rules Detected
Checks to see if RDP/Port 3389 is listed in an access list. AccessList[?DestinationPort=='3389'] | length(@)
0
·
submitted
3
CIsco ASA: Detect if management has SSH 0.0.0.0 outside rule exists
Detect if management has SSH open to the outside. The outside can also be changed to 'inside' as well Management.SSH.Channels[?(Mask == 0.0.0.0 && Source == 0.0.0.0 && Service == outside )]
0
·
submitted
3
Cisco ASA check for CVE-2024-20353 | CVE-2024-20359
To check if the above CVE's are present on your Cisco ASA you will need to preform the below steps.First you will need to use the above metric to return a list of your ASA's software versionsIf your ASA version returns a value with parentheses () remove the () and replace with a period . Example: 9.14(4)23 will be 9.14.4.23After you have your ASA Software Version you will use the Cisco Software checker for each CVE and add the software version to check if the device is effected CVE-2024-20353https: //sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-websrvs-dos-X8gNucD2CVE-2024-20359https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-persist-rce-FLsNXF4hYou will need to use the Cisco Checker to confirm if the specific versions of your ASA are effected SystemInfo.CiscoAdaptiveSecurityApplianceSoftwareVersion
0
·
submitted
1
Powered by Canny
