09-12-2025 08:25 AM
Wondering if anyone else has run into this before. I have posture set up using agents; two of my rules are application visibility and hardware visibility. Both were working just fine. I noticed a few things in context visibility were out of sync, so I did the normal sync procedure. That went fine, but when it completed I lost all application and hardware data. It's completely gone. The first time this happened I opened a TAC case and they basically had me rebuild my Primary MnT node. Then it showed up again. Fast forward a few months and I needed to do a sync again. Once again all app and hardware data is gone. Still waiting on a new TAC engineer to figure out what's happening, but if they tell me to rebuild once again I will find a table somewhere to flip. Running 3.3 p6 on sns-3655 appliances. MnT are dedicated nodes. 2 PAN and 4 PSNs.
09-14-2025 02:49 PM
That sounds rotten. What do you mean by "lost all application and hardware data"? Do you mean that on the MNT node you could no longer issue commands on the ADE-OS CLI? Are you saying that performing the Context Visibility Reset process trashed one (or both) of your MNT nodes? Obviously this is not normal or expected and something buggy got in the way. My first suspicion in these cases is VM corruption due to potential snapshotting or historical technical debt from too many upgrades. But since you're on SNS appliances I can rest assured there was no VM snapshot involved. And despite Cisco's recommendation, using a 3655 or 3695 as MNT is not a guarantee of success. The same bugs are baked into all flavours of the product.
I'd say the TAC would not be wrong to suggest rebuilds, because most of them don't have a clue how to fix something like this. The trouble with a rebuild is that the node registration copies the primary admin main database to the newly built node - if there is corruption in there, then there is potential for issues in future. To eradicate such issues, you'd need to build a new PAN, and put all the config back by hand (you can import Devices/Groups, Users, Endpoints). You could do this slowly over time, and then migrate your PSNs over to the new PAN. A lot of work for sure.
09-15-2025 04:50 AM
What I mean is that under context visibility > application it was previously reporting 20k+ endpoints with around 14k+ applications. Now it shows 0 and 0. When trying to do an export of hardware or applications via CLI it says no data there. Rebuilding to me isn't really a solution since this is the second time it has happened. I am assuming it's a software bug somewhere. TAC is taking their time on solving this, which I get to some extent, but I also need this solved sooner rather than later. Might have to escalate the case to severity 2 soon to get some work accomplished. This was mainly to see if anyone has seen a similar issue. I don't have a lab environment to rebuild and replicate it, else I would.
09-15-2025 05:00 AM
show application status ise
Can you share this
MHM
09-15-2025 11:55 AM
from mnt
--------------------------------------------------------------------
Database Listener                   running   8377
Database Server                     running   186 PROCESSES
Application Server                  running   27331
Profiler Database                   running   15310
ISE Indexing Engine                 disabled
AD Connector                        running   27995
M&T Session Database                running   22068
M&T Log Processor                   running   2290303
Certificate Authority Service       disabled
EST Service                         disabled
SXP Engine Service                  disabled
TC-NAC Service                      disabled
PassiveID WMI Service               disabled
PassiveID Syslog Service            disabled
PassiveID API Service               disabled
PassiveID Agent Service             disabled
PassiveID Endpoint Service          disabled
PassiveID SPAN Service              disabled
DHCP Server (dhcpd)                 disabled
DNS Server (named)                  disabled
ISE Messaging Service               running   11757
ISE API Gateway Database Service    running   14213
ISE API Gateway Service             running   20848
ISE pxGrid Direct Service           disabled
Segmentation Policy Service         disabled
REST Auth Service                   disabled
SSE Connector                       disabled
Hermes (pxGrid Cloud Agent)         disabled
McTrust (Meraki Sync Service)       disabled
MFA (Duo Sync Service)              disabled
ISE Node Exporter                   running   29774
ISE Prometheus Service              disabled
ISE Grafana Service                 disabled
ISE MNT LogAnalytics Elasticsearch  running   3850761
ISE Logstash Service                running   38235
ISE Kibana Service                  running   40045
ISE Native IPSec Service            running   47193
MFC Profiler                        disabled
09-15-2025 12:28 PM
Everything is running except index, which, as I know, is needed only on PAN, not MnT.
Can you check this also
show logging application ise-mnt.log
MHM
09-15-2025 11:58 AM
Still waiting on the output from the PAN, but absolutely everything else is working: dot1x authentication, compliance policies, device portal and so on, minus the app vis and hardware vis policies.