10-29-2020 11:41 AM
Experiencing a sporadic issue where live logs goes missing in our ISE deployment for my organization. We are running 2.4 Patch 11 version. The usual precursor to this issue is the Warning - Health Status Unavailable on all the nodes in our deployment.
Is there any bug related to this or are there any troubleshooting steps for this kind of issue?
I already have a case open with TAC they have collected System Bundles and Debugs from the Primary MNT.
Really puzzled as this just started happening over the last 3 weeks. The only major change we've had in my environment for that time frame is the changing the IP and VLAN of our secondary nodes and on one of our PSNs
Solved! Go to Solution.
11-02-2020 07:53 PM
There is no ISE messaging service in 2.4, so you won't have the possibility to see the Queue Link Error unless you are on 2.6p2+/2.7/3.0. You're pre feature, but keep an eye out for it, it's a common post upgrade issue to address with new certs.
I had a customer with 2.4 live log issues, they have since moved to 2.7p2, but it was related to the sessions directory memory size.
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvs53030
Hopefully TAC can help you out with the case, or they have already. In the mean time you could confirm that TCP syslog is disabled, it has been known to cause issues in the past.
10-29-2020 11:52 AM - edited 10-29-2020 11:53 AM
AFAIK there have been a few bugs relating to your issue. Do you also get queue link alarms? If so, one specific bug that I encountered that relates to your issues with no live logs for both radius and t+, and no system summary health status available is here: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvp45528/?rfs=iqvred
Note that I encountered this bug on 2.7p2 & the workaround fixed my issues. HTH!
10-29-2020 12:03 PM
Thanks for the reply, Mark & no I do not receive a 'Queue Link Error' on any of the nodes. I'll try and look through the bug search tool to see if I find any that match my current issue.
11-02-2020 07:53 PM
There is no ISE messaging service in 2.4, so you won't have the possibility to see the Queue Link Error unless you are on 2.6p2+/2.7/3.0. You're pre feature, but keep an eye out for it, it's a common post upgrade issue to address with new certs.
I had a customer with 2.4 live log issues, they have since moved to 2.7p2, but it was related to the sessions directory memory size.
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvs53030
Hopefully TAC can help you out with the case, or they have already. In the mean time you could confirm that TCP syslog is disabled, it has been known to cause issues in the past.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide