When you say you want to see accepted and dropped connections due to a policy on the outside interface, what exactly do you mean? Connections can be build and torn down for many reasons so defining which policy your referring to will help. Is there a particular counter or 'show' output on the CLI that you're looking to poll via SNMP?
cfwBasicConnectionEventType will probably be your best bet, though it's global for the ASA so you'll need to do some filtering after the data is received.
Unfortunately, the ASA doesn't have an OID that can poll ACL hits. You can log the ACL hits to a syslog and then redirect the syslog via SNMP to a server, but this would be a trap rather than a poll.
If you want an automated way to query the hits every month, you might want to look into Smart Call Home which is more suited for this type of monitoring. You can configure a profile to check the ACL hits and have it email them to you or HTTPS POST it to a web server once a month. You can find some config examples here:
%ASA-6-106100: access-list outside_in permitted tcp outside/192.168.1.100(60270) -> inside/10.1.1.10(443) hit-cnt 1 first hit [0x8545f26e, 0x0]
%ASA-6-106100: access-list outside_in denied tcp outside/192.168.1.100(60290) -> inside/10.1.1.10(80) hit-cnt 1 first hit [0x6c9e7133, 0x0]
That will be a lot more information than you probably want. If you just want to see the aggregate hits each month, my suggestion would be to use Smart Call Home (or maybe an Expect script via SSH) to pull the ACL hits (something like 'show access-list | ex hitcnt=0') once a month and then immediately clear them ('clear access-list ' counters).
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...