Gaps in Metrics for some Firewall Rules in Aria Operations for Networks

Article ID: 400537

Updated On:

Products

VCF Operations for Networks

Issue/Introduction

When looking at NSX-T Firewall Rule Metrics for a specific rule over time, you see missing data (represented by the lighter gray in the image below).

If you search for the NSX-T Firewall Rule for a date/time when the gap is present, Aria Operations for Networks returns No Results as seen in the image below:

When reviewing the details for the specific rule with gaps, you will see "deleted" and "discovered" events for that rule aligning to the gap period. The date/time stamp for when the rule was created according to NSX will not be the same as the gap; it will be prior to the gap.

Environment

VMware Aria Operations for Networks 6.12
VMware Aria Operations for Networks 6.12.1
VMware Aria Operations for Networks 6.13
VMware Aria Operations for Networks 6.14

Cause

There is an issue in the NSX DFW API that Aria Operations for Networks uses to get all the firewall rules in a section.

Rules are continually "deleted" and "discovered" again in Aria Operations for Networks while the created timestamp in NSX remains the same.

Aria Operations for Networks triggers a "delete" event when a rule is not present in the results of the API call to NSX `/api/v1/firewall/sections/<SECTION_ID>/rules`.

For example, if rules R1, R2 and R3 are returned from NSX for a specific section in the first polling cycle, and only R1 and R3 are returned in the next polling cycle, Aria Operations for Networks triggers the delete event for rule R2. If R2 is present in a subsequent polling cycle, it is "discovered" again. The time during which the rule is not present in the results shows as a "gap" in metrics.

There are discrepancies between the output of the GET API for full sections, `/api/v1/firewall/sections`, and the individual API, `/api/v1/firewall/sections/<SECTION_ID>/rules`, as per KB 385075, "Firewall ListSections MP API response incomplete with pagination". That KB indicates that `/api/v1/firewall/sections` does not always return the full results for the section, resulting in the rule deletion/discovery cycle described above in Aria Operations for Networks.
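The R1/R2/R3 polling cycle above, replayed as an added example (not code from the product or from this KB): it diffs successive poll results for one section, derives the metric gap, and marks the gap as a collection artifact when the rule's NSX creation time predates it. The poll snapshots, timestamps, rule R4 and all function names are constructed for illustration.

```python
from datetime import datetime

# Constructed sample: (poll time, rule IDs returned for one section).
POLLS = [
    ("2025-01-01T10:00:00", {"R1", "R2", "R3"}),
    ("2025-01-01T10:10:00", {"R1", "R3"}),              # R2 missing from the response
    ("2025-01-01T10:20:00", {"R1", "R3", "R4"}),        # R4 is a genuinely new rule
    ("2025-01-01T10:30:00", {"R1", "R2", "R3", "R4"}),  # R2 returned again
]
# Constructed sample: creation time of each rule as reported by NSX.
CREATED = {"R1": "2024-12-01T09:00:00", "R2": "2024-12-01T09:05:00",
           "R3": "2024-12-01T09:10:00", "R4": "2025-01-01T10:15:00"}

def diff_events(polls):
    """Compare each poll with the previous one and emit (time, event, rule)."""
    events, prev = [], None
    for ts, rules in polls:
        if prev is not None:
            events += [(ts, "deleted", r) for r in sorted(prev - rules)]
            events += [(ts, "discovered", r) for r in sorted(rules - prev)]
        prev = rules
    return events

def metric_gaps(events):
    """Pair each "deleted" event with the next "discovered" event for that rule."""
    pending, gaps = {}, []
    for ts, kind, rule in events:
        if kind == "deleted":
            pending[rule] = ts
        elif rule in pending:  # a first-time discovery (R4) opens no gap
            gaps.append((rule, pending.pop(rule), ts))
    return gaps

def collection_artifacts(gaps, created):
    """Keep gaps where the NSX creation time predates the gap start: the rule
    was never recreated, so it was only missing from the poll results."""
    return [g for g in gaps if g[0] in created
            and datetime.fromisoformat(created[g[0]]) < datetime.fromisoformat(g[1])]

if __name__ == "__main__":
    events = diff_events(POLLS)
    for event in events:
        print(*event)
    print("artifact gaps:", collection_artifacts(metric_gaps(events), CREATED))
```

A gap that survives the last filter means the rule existed in NSX the whole time, so missing metrics for that window do not indicate that the rule was removed or changed.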

 

Resolution

This issue is fixed in NSX 4.2.1.2 and 4.2.2.x