Thank you! It is not new installation. I have indicator  an exclamation mark on the hardware. What it is mean?

 Hi dedr

Yep, same issue here!

Aug 9 09:11:35 firepower SF-IMS[5036]: [5036] (none):MySQLDatastore [ERROR] MySQLDatastore.c:620:Connect(): Unable to connect to database after 60 seconds: Can't connect to local MySQL server through socket '/var/run/mysql/mysql.sock' (111)

Aug 9 09:11:35 firepower SF-IMS[5036]: [5036] hm_notifyd:DatastoreClient [ERROR] Unable to connect to datastore: Unhandled database error

Aug 9 09:11:35 firepower SF-IMS[5036]: [5036] hm_notifyd:HMNOTIFY_ReadConfig [ERROR] Unable to create DB connection: Unhandled database error

Aug 9 09:11:35 firepower SF-IMS[5036]: [5036] hm_notifyd:main [ERROR] Error reading configuration on the database

What appliance is this happening on?  Did you re-image?  What version? Is it in an HA pair? Is that the exact error message?

If you did re-image the backup you used may have had the problem already -

Things you can try

check for database errors

admin@firepower:/opt/cisco/csp/applications$ sudo DBCheck.pl
running database integrity check with the following options:
- use exception directory /ngfw/usr/local/sf/etc/db_exceptions
- check refererences
- check enterprise objects
- check schema
- check required data
- log to stderr
getting filenames from [/ngfw/usr/local/sf/etc/db_updates/index]
getting filenames from [/ngfw/usr/local/sf/etc/db_updates/base-6.4.0]
getting exceptions from [/ngfw/usr/local/sf/etc/db_exceptions/db_exceptions.yaml]
DBCheck running with 6.4.0 as CURRENT VERSION.
fireamp_event_template uses the current schema. Using that for validation.
<omitted>
packet_log_template uses the current schema. Using that for validation.
After Checking DB, Warnings: 0, Fatal Errors: 0

check for down services
admin@firepower:/opt/cisco/csp/applications$ sudo pmtool status | grep Down
RUAScheduledDownload - Period 3600 - Next run Mon Apr 4 22:00:00 2022
admin@firepower:/opt/cisco/csp/applications$

tail  /var/lib/mysql/mysql-server.err

root@firepower:~# tail /var/lib/mysql/mysql-server.err
2022-04-05 1:09:41 22452549753728 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
<omitted>
2022-04-05 1:09:41 22452549753728 [Note] /ngfw/usr/bin/mysqld: ready for connections. <==do you see this?

check for corrupted tables -

root@firepower:~# mysqlcheck -padmin sfsnort | grep -wv OK
sfsnort.sf_cache_tracker_mem
note : The storage engine for the table doesn't support check
sfsnort.sf_rule_summary_mem
note : The storage engine for the table doesn't support check
root@firepower:~#

if you see  anything not "OK" you can run repair_table.pl

let us know the exact message you see

Hi cybergeezer,

Thank you for reply.

We are using ASA 5525-X with firepower service. Two devices with HA. Both SFR modules have this issue. We created a case on TAC and it has been more than 3 months and the issue is still. I reimaged the SFR modules and it worked for weeks or so, but then the issue happens again. 

Did DBCheck.pl on Firepower which is a virtual appliance on our case and no warnings or error.

We did dozen of reimage and it just happens over and over. One SFR module was failed and I reimaged it last week, another one started the issue from last Friday. When the issue happens, both SFR modules  were up and down for two or three days, and then complete down. 

Any idea?

Thanks,

W