10-31-2022 09:35 AM
Hello,
I am getting these errors on the firewall and am not 100% sure how to resolve them. Any help on this would be great! Thank you in advance.
ModelSoftware VersionOS
Cisco Firepower Management Center 1600 |
7.0.2 (build 88) |
Cisco Firepower Extensible Operating System (FX-OS) 2.10.1 (build192) |
10-31-2022 09:42 AM
check the physical connection of Eth 1/5 - where this connected to Switch.
11-01-2022 12:07 AM
We had similar issues a while back and opened a case with Cisco TAC. It was related to a bug and it's only a cosmetic issue. They had me run some commands on FMC to gather some data and then followed up with running another set of commands to delete the specific UUIDs associated with the errors. Suggest opening a case with TAC to assist if you have an active support contract.
*SSH into the FMC and run these commands to gather info:
expert
sudo su
OmniQuery.pl -db mdb -e "select status,category,hex(uuid),body from notification;"
hth
11-01-2022 06:02 AM - edited 11-01-2022 06:04 AM
Like @manofsteel03 mentioned, this is usually due to a cosmetic bug. Here are more details on how to fix it (from FMC). Run these 3 commands in order. After running the last one, you should see "no rows returned"
OmniQuery.pl -db mdb -e "select status,category,hex(uuid),body from notification where status=11;"
OmniQuery.pl -db mdb -e 'delete from notification where uuid=unhex("<insert the uuid that the first command returns here");'
OmniQuery.pl -db mdb -e "select status,category,hex(uuid),body from notification where status=11;"
Also covered in this thread:
11-01-2022 12:20 PM
Hi Marvin - Thank you for the reply. I ran the command as you recommended but got a permission denied message. Is this to be expected even using the expert command before issuing the commands provided above?
> expert
firepower:~$ OmniQuery.pl -db mdb -e "select status,category,hex(uuid),body from notification where status=11;"
bash: /ngfw/usr/local/sf/bin/OmniQuery.pl: Permission denied
firepower:~$ OmniQuery.pl -db mdb -e 'delete from notification where uuid=unhex( "<insert the uuid that the first command returns here>");'
bash: /ngfw/usr/local/sf/bin/OmniQuery.pl: Permission denied
firepower:~$ OmniQuery.pl -db mdb -e "select status,category,hex(uuid),body from notification where status=11;"
bash: /ngfw/usr/local/sf/bin/OmniQuery.pl: Permission denied
11-01-2022 05:01 PM
You need to run the commands as superuser (su). So first, "sudo su -" to switch user context to superuser. Then all commands will be authorized in that context.
11-01-2022 05:11 PM
Perfect thank you. That worked. How long does it take for these errors to go away in the GUI once these have been issued?
11-01-2022 07:13 PM
By default the health monitor policy runs every 10 minutes and will update the GUI at that time. You can go into the FMC health monitor directly and select "Run All" to kick it off manually out of cycle.
11-08-2022 09:46 AM
Unfortunately after following the steps above this did not resolve the issue. Is there anything else I can try before I reach out to TAC?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide