Cisco ISE config-backup failure

When you try to back up the ISE configuration, the backup process fails even though there is enough disk space available.


Follow some steps to fix this issue:


ise/admin# show backup status
%% Configuration backup status
%% ----------------------------
%      backup name: Configuration-Backup
%       repository: sftp-var/tmp
%       start date: Wed May 2 
%        scheduled: yes
%   triggered from: Admin web UI
%             host: ise
%           status: Error: The data filesystem is 77 percent full, which is above threshold of 70. Backup terminated

ise/admin# show disks
Internal filesystems:
/ : 16% used ( 2664704 of 18011420)
/dev : 0% used ( 0 of 8067676)
/dev/shm : 0% used ( 0 of 8077940)
/run : 1% used ( 2236 of 8077940)
/sys/fs/cgroup : 0% used ( 0 of 8077940)
/boot : 12% used ( 106800 of 991512)
/tmp : 1% used ( 7192 of 1983056)
/storedconfig : 2% used ( 1589 of 95054)
/boot/efi : 4% used ( 9776 of 276312)
/opt : 77% used ( 401131124 of 547127376)
/run/user/440 : 0% used ( 0 of 1615592)
(...)

If you look closely above, the /opt directory is 77% full which matches with the error message we have seen.

Solution:


We need to install root key and patch from cli through repository and then took the root access.

Before that from non root cli access deleted some unwanted accounting and authorization logs and old backups.


>> Those old log files can only be removed by TAC via root shell access. <<


Root Access:

ISE/admin# root_enable
password:
ISE/admin# root
password:

Get in touch with TAC and they should be able to free up the space by deleting the old log files.

Some of path:

cd /opt/CSCOcpm/logs/localStore
rm -rf iseLocalStore.log.*

cd /opt/CSCOcpm/logs
rm -rf profiler.log.*
rm -rf report.log.*
rm -rf tracking.log.*

cd /opt/oracle/base/diag/tnslsnr/"Name_of_ISE_node"/listener/alert
rm -rf *.xml

Result:

ise/admin# show disks
Internal filesystems:
/ : 16% used ( 2664704 of 18011420)
/dev : 0% used ( 0 of 8067676)
/dev/shm : 0% used ( 0 of 8077940)
/run : 1% used ( 2236 of 8077940)
/sys/fs/cgroup : 0% used ( 0 of 8077940)
/boot : 12% used ( 106800 of 991512)
/tmp : 1% used ( 7192 of 1983056)
/storedconfig : 2% used ( 1589 of 95054)
/boot/efi : 4% used ( 9776 of 276312)
/opt : 63% used <<<<<<<<
(...)
gif

49 views0 comments

Recent Posts

See All

More and more, employees wish to work on corporate laptops as well as personal mobile devices from anywhere. With the Cisco AnyConnect Secure Mobility Client, you can empower your employees to do this

The Duo Authentication Proxy is an on-premises software service that receives authentication requests from your local devices and applications via RADIUS or LDAP, optionally performs primary authentic

This post provides a step-by-step procedure for installing the hot patch released by Cisco for ISE servers, in light of the recent Log4j vulnerability (Apache Log4j Java Logging Library). More details