Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1402
Views
0
Helpful
5
Replies

SecondaryConfig

Go to solution
jtsai8585
Level 1
Level 1

‎06-13-2017 09:11 AM

I understand this is not supported but there should be some old documentation or discussion on exactly how this command is used and what data it backup.  Can't seem to find these information.  Can someone point me to docs on this item?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
dmccabej
Cisco Employee
Cisco Employee
In response to jtsai8585

‎06-13-2017 11:46 AM

You're very welcome. :)

Correct, it would be pulling from any connected ESA/s. Basically, what you're doing with secondaryconfig, is telling the secondary/backup SMA to pull from a mirrored secondary directory instead of the primary directory, which is then what you're creating on the ESA/s by enabling secondaryconfig. 

Thanks!

-Dennis M.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Libin Varghese
Cisco Employee
Cisco Employee

‎06-13-2017 10:50 AM

Hi,

I do not think there are any more customer facing documents for secondaryconfig as the feature is no longer supported by TAC and it is strongly recommended to not use it.

Secondaryconfig was used to create redundancy between 2 SMA's for tracking and reporting data. Quarantines were not backed up.

With backupconfig feature not available to perform these functions, I would recommend using that instead.

http://www.cisco.com/c/dam/en/us/td/docs/security/security_management/sma/sma10-0/SMA_10-0_User_Guide.pdf

Thank You!

Libin Varghese

0 Helpful

Go to solution
jtsai8585
Level 1
Level 1
In response to Libin Varghese

‎06-13-2017 11:04 AM

I do understand it's not supported but my situation is that all of our senior team members insist on using the secondaryconfig even if it causes DB corruptions on the secondary SMA.  At the same time, I need to migrate some of the SMAs and need to reconfigure the SecondaryConfig that someone setup prior.  So, I need to find some kind of documentation some where in order to perform the migration.

0 Helpful

Go to solution
dmccabej
Cisco Employee
Cisco Employee
In response to jtsai8585

‎06-13-2017 11:32 AM

Hello,

Secondaryconfig can be easily setup using the following steps.

You'll first need to enable secondaryconfig on the ESA/s to create the 'secondary' directory, and then enable it on the backup SMA to pull from the secondary directory.

Keep in mind this only performs this for Reporting/Tracking and Quarantines can still only be sent to a single SMA at a time.

Thanks!

-Dennis M.

+++
test.lab.local> secondaryconfig
Secondary aggregation is presently disabled.
No data export directories configured.
Choose the operation you want to perform:
- ENABLE - Enable or disable secondary aggregation.
- ADD - Add additional data export directories.
- DELETE - Remove data export directory.
[]> enable
Secondary aggregation is presently disabled.
Would you like secondary aggregation enabled? [N]> y
You must configure at least one data export directory. Input directory name
[secondary]>
Secondary aggregation is presently enabled.
# Export Directory
1 secondary
Choose the operation you want to perform:
- ENABLE - Enable or disable secondary aggregation.
- ADD - Add additional data export directories.
- DELETE - Remove data export directory.
[]>
test.lab.local> commit
+++
test.sma.local> secondaryconfig
Secondary aggregation is presently disabled.
No data import directory configured
Choose the operation you want to perform:
- ENABLE - Enable or disable secondary aggregation.
[]> enable
Secondary aggregation is presently disabled.
Would you like secondary aggregation enabled? [N]> y
Enter the data source name to aggregate from, as set on the client appliance using secondaryconfig
[]> secondary
Secondary aggregation is presently enabled.
Importing data from data directory "secondary"
Choose the operation you want to perform:
- ENABLE - Enable or disable secondary aggregation.
[]>
test.sma.local> commit
+++
0 Helpful

Go to solution
jtsai8585
Level 1
Level 1
In response to dmccabej

‎06-13-2017 11:35 AM

Great! thanks for getting all that info.

To be clear, the backup SMA with secondaryconfig is pulling from my ESA cluster ? I was thinking it was pulling from my primary SMA....

0 Helpful

Go to solution
dmccabej
Cisco Employee
Cisco Employee
In response to jtsai8585

‎06-13-2017 11:46 AM

You're very welcome. :)

Correct, it would be pulling from any connected ESA/s. Basically, what you're doing with secondaryconfig, is telling the secondary/backup SMA to pull from a mirrored secondary directory instead of the primary directory, which is then what you're creating on the ESA/s by enabling secondaryconfig. 

Thanks!

-Dennis M.

0 Helpful
Customers Also Viewed These Support Documents