top of page
Writer's pictureDiniz Martins

Cisco ISE config-backup failure

When you try to back up the ISE configuration, the backup process fails even though there is enough disk space available.


Follow some steps to fix this issue:


ise/admin# show backup status
%% Configuration backup status
%% ----------------------------
%      backup name: Configuration-Backup
%       repository: sftp-var/tmp
%       start date: Wed May 2 
%        scheduled: yes
%   triggered from: Admin web UI
%             host: ise
%           status: Error: The data filesystem is 77 percent full, which is above threshold of 70. Backup terminated

ise/admin# show disks
Internal filesystems:
/ : 16% used ( 2664704 of 18011420)
/dev : 0% used ( 0 of 8067676)
/dev/shm : 0% used ( 0 of 8077940)
/run : 1% used ( 2236 of 8077940)
/sys/fs/cgroup : 0% used ( 0 of 8077940)
/boot : 12% used ( 106800 of 991512)
/tmp : 1% used ( 7192 of 1983056)
/storedconfig : 2% used ( 1589 of 95054)
/boot/efi : 4% used ( 9776 of 276312)
/opt : 77% used ( 401131124 of 547127376)
/run/user/440 : 0% used ( 0 of 1615592)
(...)

If you look closely above, the /opt directory is 77% full which matches with the error message we have seen.

Solution:


We need to install root key and patch from cli through repository and then took the root access.

Before that from non root cli access deleted some unwanted accounting and authorization logs and old backups.


>> Those old log files can only be removed by TAC via root shell access. <<


Root Access:

ISE/admin# root_enable
password:
ISE/admin# root
password:

Get in touch with TAC and they should be able to free up the space by deleting the old log files.

Some of path:

cd /opt/CSCOcpm/logs/localStore
rm -rf iseLocalStore.log.*

cd /opt/CSCOcpm/logs
rm -rf profiler.log.*
rm -rf report.log.*
rm -rf tracking.log.*

cd /opt/oracle/base/diag/tnslsnr/"Name_of_ISE_node"/listener/alert
rm -rf *.xml

Result:

ise/admin# show disks
Internal filesystems:
/ : 16% used ( 2664704 of 18011420)
/dev : 0% used ( 0 of 8067676)
/dev/shm : 0% used ( 0 of 8077940)
/run : 1% used ( 2236 of 8077940)
/sys/fs/cgroup : 0% used ( 0 of 8077940)
/boot : 12% used ( 106800 of 991512)
/tmp : 1% used ( 7192 of 1983056)
/storedconfig : 2% used ( 1589 of 95054)
/boot/efi : 4% used ( 9776 of 276312)
/opt : 63% used <<<<<<<<
(...)

1,218 views0 comments

Recent Posts

See All

Understanding CIMC for Cisco ISE

Cisco Integrated Management Controller (CIMC) is a crucial component for managing and monitoring Cisco UCS servers, including those used...

Securing IOS-XE Routing Protocols

Securing the routing information prevents an attacker from introducing false routing information into the network, which could be used as...

Cisco Duo Log Sync (DLS)

Duologsync (DLS) is a utility written by Duo Security that supports fetching logs from Duo endpoints and ingesting them to different...

Kommentare


bottom of page