peter.matuska1
Beginner

ISE deployment sync - auth. logs

Hi,

I have a deployment with 2 nodes. I had to reinstall a broken node. When I joined the new node to the deployment, sync finished successfully but authentication logs were not synchronised. How can I force ISE to send all historical authentication logs from the old node to the new one? Is it possible, or do I have to do an operational backup, then restore it on the new node, and after that join the new node to the deployment?

Thank you

Accepted Solutions
Damien Miller
VIP Advisor

There is no capability to sync the existing logs over to the replacement MNT node, but as you pointed out, you are able to perform an operational backup and restore that to the other MNT node. This can be a pretty slow process; it works, but not too many people take the effort to do it after a rebuild.

By default ISE only stores 30 days of TACACS/RADIUS logs, so if you're running a default retention period, then after 30 days both MNT nodes will have a consistent history. In the meantime you could run the Primary MNT role on the node that wasn't rebuilt to view the past logs while they gradually come into sync.
