Problem Category: Security – Network Firewalls and Intrusion Prevention Systems
Problem Subcategory: Adaptive Security Appliance (ASA) non-VPN problem
Problem Type: Product Feature/Function Question
Problem Details: We suspected there is a memory leak on our ASA 5585-X. Can you guide me where to look for the “fragment size” value from the “show memory detail” output.

TAC reply:
++ I understand that you are looking towards the fragment size value in the show mem detail output and then based on the values would determine the bin size value to be used in show mem binsize
++ From the details shared, I see that the total free memory available on the unit is 68%.
++ Also if you could observe the details pertaining to the counters “MAX CONTIGOUS FREE MEM” and “Free MEM” they values are more are less the same which indicates that the amount of memory being leaked by fragmentation is not high (almost nil).
++ Now coming to the point where you were concerned over the outputs of fragments size across the device, usually the count associated with the block size increases and decreases when the block size are released back, if we observe an abnormal increase in the count value for any blocks and continue to see that they are not released which would be indicated by the count value.
++ Depending on the block size that we see the count abnormally increasing we can specify that value in the command show mem binsize

Show Memory Detail
Gather the output of “show memory detail”
Look in the column listed “total (bytes)” under the “MEMPOOL_GLOBAL_SHARED POOL STATS” to find the 5 largest values
Issue the command “show memory binsize” using the associated value under “fragment size (bytes)”

Memory Tracking
Enable the command “memory tracking enable” to turn on memory tracking
Issue the command “show memory tracking” at regular intervals to see the change in memory allocation
Issue the command “show memory tracking address | i ” where is the pc counter (in hex) of the largest growing process from the previous step
Gather the output “show memory tracking dump
” for any of the memory address locations picked at random from the output of the previous step

Also check

Incoming search terms:

  • asa 5545-x high memory

Problem: Upgraded Insight Reporter from v3.2.0 to 3.4.0, existing traffic database show disconnected


1) To get Sybase JDBC Connector
Download JConnect from this link
Extract and Install it in Insight Server

./setup.bin -i console

Go to /opt/sybase/jConnect-7_0/classes and copy conn4.jar and  jTDS3.jar into Cisco Insight directory (/home/user/Insight/apache-tomcat-6.0.20/webapps/insight/WEB-INF/lib/)
Restart tomcat

/etc/init.d/tomcat-user stop
/etc/init.d/tomcat-user start

2) To determine SCE CM db schema info
Go to your SCE CM server and execute cm file located at /home/user/cm/bin

./cm version
CM CD Version 3.7.5 Build 105


Both Jar files can be downloaded from here: