Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1041
Views
0
Helpful
7
Replies

FMC Critical Alert Disk Usage

401
Level 1
Level 1

‎09-01-2024 07:41 PM

Hello Cisco Team,

I would like to inquire about the FMC software that I have integrated with the ASA firewall. There is a critical alert indicating "Frequent drain of Connection Events" related to disk usage. However, when checking the health dashboard, the disk status does not appear to be full or in failure. You can see this in the image below.

Could your team please provide an explanation regarding this issue?

Thank you.

Health statusHealth statusalertalert

Labels:
0 Helpful
7 Replies 7

marce1000
Hall of Fame
Hall of Fame

‎09-02-2024 12:13 AM

 

    - FYI : https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd26466
              https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuz86604   

  M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Marius Gunnerud
VIP
VIP

‎09-02-2024 03:54 PM

We had this issue previously.  It was fixed for us after upgrading to version 7.2.5.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

401
Level 1
Level 1
In response to Marius Gunnerud

‎09-02-2024 07:07 PM

I am already on version 7.2.5.2. Is there a way to remove or clear those alarms?

0 Helpful

BoomShakaLak
Level 1
Level 1

‎09-03-2024 12:04 AM

Are you by chance logging ACP rules at both beginning and end ?

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-03-2024 12:28 AM

Your health status screenshot appears to be from your device running FTD. Can you share the health screenshot for FMC including events/second? That is the usual culprit for the error message (which basically says the FMC's ability to write incoming events to the database on disk is overwhelmed). The bug cited by @marce1000 are also a possibility. Although they should be fixed in your FMC version, bugs from earlier releases have been known to persist across an upgrade from an affected version.

0 Helpful

401
Level 1
Level 1
In response to Marvin Rhoads

‎09-03-2024 08:13 PM

this the health screenshot for FMC.

Screenshot_3.png

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to 401

‎09-03-2024 09:10 PM - edited ‎09-03-2024 09:11 PM

The FMC health shows less than 4k events/second (connections, intrusion etc. combined) yet the input rate is constant up around 25 Mbps - that is quite unusually high. Something is send a LOT of data to the FMC for processing but it doesn't look like connection events. Do you possibly have firewall debugging enabled and set via platform policy to send events to FMC?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card