Solved: Re: Cisco ISE Disk Requirements

Arie -- · ‎08-14-2018

Hi,

I'm wondering with disk allocation for ISE VM 2.3. It said that on any node that has the Monitoring persona enabled, 60 percent of the VM disk space is allocated for log storage. So, if I have deployed 600GB of disk, then 360GB will be used for log storage. How about the rest of 40% disk space? What will be used for?

For 360GB log storage, does it use for Operational Log (RADIUS/TACACS+) only or shared with ISE Local log?

Thank you

Arie

Craig Hyps · ‎08-16-2018

The OS and applications as well as space for local logging and staging upgrades, patches, backups, restores will require a core amount of space. The 60% value is the algorithm used and may make sense when the disk space is 600GB, but it is certainly fair to question whether this algorithm makes sense for a 1.2TB 2595 or VM with up to 2TB allocation. Originally, the entire backup was copied locally before offloaded which accounted for the much smaller file space allocation to logging, but since that has been enhanced, the amount of disk required for the core files plus reserve for local and debug logging and workspace should not require the full 40% allocation (240GB for 600GB versus 800GB for 2TB disk).

Changes to current logic would entail and enhancement so recommend work with Cisco account team to submit enhancement to allow better control over disk allocation, especially for the larger disk sizes. You can also enter this info via the Feedback button in ISE admin interface. The Product Management team does review these submissions.

Fortunately, there were many enhancements in ISE 2.4 logging which should allow a significant increase in data retention such as the optimization of database tables and removal of very detailed auth log info (the blob seen when click on Live Log details) after 7 days.

Craig

View solution in original post

Craig Hyps · ‎08-16-2018

The OS and applications as well as space for local logging and staging upgrades, patches, backups, restores will require a core amount of space. The 60% value is the algorithm used and may make sense when the disk space is 600GB, but it is certainly fair to question whether this algorithm makes sense for a 1.2TB 2595 or VM with up to 2TB allocation. Originally, the entire backup was copied locally before offloaded which accounted for the much smaller file space allocation to logging, but since that has been enhanced, the amount of disk required for the core files plus reserve for local and debug logging and workspace should not require the full 40% allocation (240GB for 600GB versus 800GB for 2TB disk).

Changes to current logic would entail and enhancement so recommend work with Cisco account team to submit enhancement to allow better control over disk allocation, especially for the larger disk sizes. You can also enter this info via the Feedback button in ISE admin interface. The Product Management team does review these submissions.

Fortunately, there were many enhancements in ISE 2.4 logging which should allow a significant increase in data retention such as the optimization of database tables and removal of very detailed auth log info (the blob seen when click on Live Log details) after 7 days.

Craig