Showing results for 
Search instead for 
Did you mean: 


Error in FireSight - "Unable to connect to DB".

Software Version (build 40)
OS Sourcefire Linux OS 5.4.0 (build126)

Hello! I have a problem! I hope for your help! 

When a try to apply settings to Sensor in FireSight - i have error - "Unable to connect to DB". FireSight  and FirePower see each other in lan.

How i can solve this problem? What am I doing wrong?

Thank you!

Cisco Employee

Is this a new installation? or it was registered to different FMC and now registered to another one? this looks like could be issue with database corruption.

It could end up with re-image but I would suggest to open TAC case for it.

Rate if helps.


Thank you! It is not new installation. I have indicator  an exclamation mark on the hardware. What it is mean?

Jetsy Mathew
Cisco Employee

Hello Team,

If its a hardware , you can also check the LCD panel if that shows any hardware error (click on next button ).

Other than that , is there any sudden power loss occurred in the device? . If the device gets powered off suddenly , this will mess up the database.

Looks like the mysql will be in a shutdown mode or unresponsive mode. Its just because of the database error only , this error will occur.

Could you please verify the status of the following :-

pmtool status |grep mysqld

Other than this , to troubleshoot this you need to contact the TAC team since starting from version 5.4 we are not supposed to make any alterations to the database without the TAC assistance.

Rate if this post helps you.



 Hi dedr

Error in FireSight - "Unable to connect to DB
the device gets powered off suddenly after that we have this erroe when push config to sfr
trying to connect to database server after error 2002: con not connecteto local mysql server through socket

Yep, same issue here!



Aug 9 09:11:35 firepower SF-IMS[5036]: [5036] (none):MySQLDatastore [ERROR] MySQLDatastore.c:620:Connect(): Unable to connect to database after 60 seconds: Can't connect to local MySQL server through socket '/var/run/mysql/mysql.sock' (111)


Aug 9 09:11:35 firepower SF-IMS[5036]: [5036] hm_notifyd:DatastoreClient [ERROR] Unable to connect to datastore: Unhandled database error


Aug 9 09:11:35 firepower SF-IMS[5036]: [5036] hm_notifyd:HMNOTIFY_ReadConfig [ERROR] Unable to create DB connection: Unhandled database error


Aug 9 09:11:35 firepower SF-IMS[5036]: [5036] hm_notifyd:main [ERROR] Error reading configuration on the database


Remember to rate helpful posts and/or mark as a solution if your issue is resolved.

Here issue here. Contacted TAC and they suggested re-image, but weeks later, the issue happens again. Any solution for this issue?

What appliance is this happening on?  Did you re-image?  What version? Is it in an HA pair? Is that the exact error message?


If you did re-image the backup you used may have had the problem already -


Things you can try


check for database errors


admin@firepower:/opt/cisco/csp/applications$ sudo
running database integrity check with the following options:
- use exception directory /ngfw/usr/local/sf/etc/db_exceptions
- check refererences
- check enterprise objects
- check schema
- check required data
- log to stderr
getting filenames from [/ngfw/usr/local/sf/etc/db_updates/index]
getting filenames from [/ngfw/usr/local/sf/etc/db_updates/base-6.4.0]
getting exceptions from [/ngfw/usr/local/sf/etc/db_exceptions/db_exceptions.yaml]
DBCheck running with 6.4.0 as CURRENT VERSION.
fireamp_event_template uses the current schema. Using that for validation.
packet_log_template uses the current schema. Using that for validation.
After Checking DB, Warnings: 0, Fatal Errors: 0

check for down services
admin@firepower:/opt/cisco/csp/applications$ sudo pmtool status | grep Down
RUAScheduledDownload - Period 3600 - Next run Mon Apr 4 22:00:00 2022


tail  /var/lib/mysql/mysql-server.err

root@firepower:~# tail /var/lib/mysql/mysql-server.err
2022-04-05 1:09:41 22452549753728 [Note] InnoDB: Setting file './ibtmp1' size to 12 MB. Physically writing the file full; Please wait ...
2022-04-05 1:09:41 22452549753728 [Note] /ngfw/usr/bin/mysqld: ready for connections. <==do you see this?


check for corrupted tables -

root@firepower:~# mysqlcheck -padmin sfsnort | grep -wv OK
note : The storage engine for the table doesn't support check
note : The storage engine for the table doesn't support check


if you see  anything not "OK" you can run


let us know the exact message you see


Hi cybergeezer,


Thank you for reply.

We are using ASA 5525-X with firepower service. Two devices with HA. Both SFR modules have this issue. We created a case on TAC and it has been more than 3 months and the issue is still. I reimaged the SFR modules and it worked for weeks or so, but then the issue happens again. 


Did on Firepower which is a virtual appliance on our case and no warnings or error.


We did dozen of reimage and it just happens over and over. One SFR module was failed and I reimaged it last week, another one started the issue from last Friday. When the issue happens, both SFR modules  were up and down for two or three days, and then complete down. 


Any idea?







Recognize Your Peers
Content for Community-Ad