06-22-2016 07:15 AM - edited 03-12-2019 06:02 AM
Software Version 5.4.1.6 (build 40)
OS Sourcefire Linux OS 5.4.0 (build126)
Hello! I have a problem! I hope for your help!
When a try to apply settings to Sensor in FireSight - i have error - "Unable to connect to DB". FireSight and FirePower see each other in lan.
How i can solve this problem? What am I doing wrong?
Thank you!
06-22-2016 07:27 AM
Is this a new installation? or it was registered to different FMC and now registered to another one? this looks like could be issue with database corruption.
It could end up with re-image but I would suggest to open TAC case for it.
Rate if helps.
Yogesh
06-22-2016 07:35 AM
Thank you! It is not new installation. I have indicator an exclamation mark on the hardware. What it is mean?
06-23-2016 08:12 AM
Hello Team,
If its a hardware , you can also check the LCD panel if that shows any hardware error (click on next button ).
Other than that , is there any sudden power loss occurred in the device? . If the device gets powered off suddenly , this will mess up the database.
Looks like the mysql will be in a shutdown mode or unresponsive mode. Its just because of the database error only , this error will occur.
Could you please verify the status of the following :-
pmtool status |grep mysqld
Other than this , to troubleshoot this you need to contact the TAC team since starting from version 5.4 we are not supposed to make any alterations to the database without the TAC assistance.
Rate if this post helps you.
Regards
Jetsy
10-20-2019 10:22 PM
Hi dedr
12-24-2019 06:04 PM
Yep, same issue here!
Aug 9 09:11:35 firepower SF-IMS[5036]: [5036] (none):MySQLDatastore [ERROR] MySQLDatastore.c:620:Connect(): Unable to connect to database after 60 seconds: Can't connect to local MySQL server through socket '/var/run/mysql/mysql.sock' (111)
Aug 9 09:11:35 firepower SF-IMS[5036]: [5036] hm_notifyd:DatastoreClient [ERROR] Unable to connect to datastore: Unhandled database error
Aug 9 09:11:35 firepower SF-IMS[5036]: [5036] hm_notifyd:HMNOTIFY_ReadConfig [ERROR] Unable to create DB connection: Unhandled database error
Aug 9 09:11:35 firepower SF-IMS[5036]: [5036] hm_notifyd:main [ERROR] Error reading configuration on the database
04-04-2022 06:55 AM
Here issue here. Contacted TAC and they suggested re-image, but weeks later, the issue happens again. Any solution for this issue?
04-04-2022 07:12 PM
What appliance is this happening on? Did you re-image? What version? Is it in an HA pair? Is that the exact error message?
If you did re-image the backup you used may have had the problem already -
Things you can try
check for database errors
admin@firepower:/opt/cisco/csp/applications$ sudo DBCheck.pl
running database integrity check with the following options:
- use exception directory /ngfw/usr/local/sf/etc/db_exceptions
- check refererences
- check enterprise objects
- check schema
- check required data
- log to stderr
getting filenames from [/ngfw/usr/local/sf/etc/db_updates/index]
getting filenames from [/ngfw/usr/local/sf/etc/db_updates/base-6.4.0]
getting exceptions from [/ngfw/usr/local/sf/etc/db_exceptions/db_exceptions.yaml]
DBCheck running with 6.4.0 as CURRENT VERSION.
fireamp_event_template uses the current schema. Using that for validation.
<omitted>
packet_log_template uses the current schema. Using that for validation.
After Checking DB, Warnings: 0, Fatal Errors: 0
check for down services
admin@firepower:/opt/cisco/csp/applications$ sudo pmtool status | grep Down
RUAScheduledDownload - Period 3600 - Next run Mon Apr 4 22:00:00 2022
admin@firepower:/opt/cisco/csp/applications$
tail /var/lib/mysql/mysql-server.err
root@firepower:~# tail /var/lib/mysql/mysql-server.err
2022-04-05 1:09:41 22452549753728 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
<omitted>
2022-04-05 1:09:41 22452549753728 [Note] /ngfw/usr/bin/mysqld: ready for connections. <==do you see this?
check for corrupted tables -
root@firepower:~# mysqlcheck -padmin sfsnort | grep -wv OK
sfsnort.sf_cache_tracker_mem
note : The storage engine for the table doesn't support check
sfsnort.sf_rule_summary_mem
note : The storage engine for the table doesn't support check
root@firepower:~#
if you see anything not "OK" you can run repair_table.pl
let us know the exact message you see
04-05-2022 07:55 AM
Hi cybergeezer,
Thank you for reply.
We are using ASA 5525-X with firepower service. Two devices with HA. Both SFR modules have this issue. We created a case on TAC and it has been more than 3 months and the issue is still. I reimaged the SFR modules and it worked for weeks or so, but then the issue happens again.
Did DBCheck.pl on Firepower which is a virtual appliance on our case and no warnings or error.
We did dozen of reimage and it just happens over and over. One SFR module was failed and I reimaged it last week, another one started the issue from last Friday. When the issue happens, both SFR modules were up and down for two or three days, and then complete down.
Any idea?
Thanks,
W
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide