top of page

Cisco ISE config-backup failure

When you try to back up the ISE configuration, the backup process fails even though there is enough disk space available.


Follow some steps to fix this issue:


ise/admin# show backup status
%% Configuration backup status
%% ----------------------------
%      backup name: Configuration-Backup
%       repository: sftp-var/tmp
%       start date: Wed May 2 
%        scheduled: yes
%   triggered from: Admin web UI
%             host: ise
%           status: Error: The data filesystem is 77 percent full, which is above threshold of 70. Backup terminated

ise/admin# show disks
Internal filesystems:
/ : 16% used ( 2664704 of 18011420)
/dev : 0% used ( 0 of 8067676)
/dev/shm : 0% used ( 0 of 8077940)
/run : 1% used ( 2236 of 8077940)
/sys/fs/cgroup : 0% used ( 0 of 8077940)
/boot : 12% used ( 106800 of 991512)
/tmp : 1% used ( 7192 of 1983056)
/storedconfig : 2% used ( 1589 of 95054)
/boot/efi : 4% used ( 9776 of 276312)
/opt : 77% used ( 401131124 of 547127376)
/run/user/440 : 0% used ( 0 of 1615592)
(...)

If you look closely above, the /opt directory is 77% full which matches with the error message we have seen.

Solution:


We need to install root key and patch from cli through repository and then took the root access.

Before that from non root cli access deleted some unwanted accounting and authorization logs and old backups.


>> Those old log files can only be removed by TAC via root shell access. <<


Root Access:

ISE/admin# root_enable
password:
ISE/admin# root
password:

Get in touch with TAC and they should be able to free up the space by deleting the old log files.

Some of path:

cd /opt/CSCOcpm/logs/localStore
rm -rf iseLocalStore.log.*

cd /opt/CSCOcpm/logs
rm -rf profiler.log.*
rm -rf report.log.*
rm -rf tracking.log.*

cd /opt/oracle/base/diag/tnslsnr/"Name_of_ISE_node"/listener/alert
rm -rf *.xml

Result:

ise/admin# show disks
Internal filesystems:
/ : 16% used ( 2664704 of 18011420)
/dev : 0% used ( 0 of 8067676)
/dev/shm : 0% used ( 0 of 8077940)
/run : 1% used ( 2236 of 8077940)
/sys/fs/cgroup : 0% used ( 0 of 8077940)
/boot : 12% used ( 106800 of 991512)
/tmp : 1% used ( 7192 of 1983056)
/storedconfig : 2% used ( 1589 of 95054)
/boot/efi : 4% used ( 9776 of 276312)
/opt : 63% used <<<<<<<<
(...)
gif

78 views0 comments

Recent Posts

See All

ISE Repositories can be configured from both the GUI and the CLI of the ISE and can be used for these purposes: ➛ Backup and Restore of ISE Configuration and Operational data; ➛ Upgrade of ISE nodes;

Secure Unlock Client mechanism provides root shell access on Cisco ISE Command Line Interface (CLI) for a certain period of time. As soon as the session is closed or exited, the root access is also re

The Cisco Integrated Management Interface (CIMC) permits monitoring of the server inventory, health, and system event logs using the built-in Cisco Integrated Management Controller (CIMC) GUI or CLI i

bottom of page