security intelligence URL: memcap exceeded Alert in FMC related to one firepower module

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
11-11-2017 10:17 AM - edited 02-21-2020 06:43 AM
Hello all,
after upgrading to version 6.2.2 we face the following error
security intelligence URL: memcap exceeded
also same error exist in 6.2.2.1
I saw similar bug but on FTD, we are not using FTD
we are using one virtual firepower management center to manage two ASAs with firepower module.
- Labels:
-
NGFW Firewalls
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-31-2018 02:42 PM
I just don’t know the answer to that one! ☺
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-21-2018 09:20 AM
Todd,
How is it you can see how many objects are being loaded?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-09-2018 10:44 AM
Thx, I get this message on a ASA 5512X (with 6.2.3)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2018 08:43 AM
Cisco has a hotfix out for this. We received it from TAC and I installed it today and all issues with the errors are resolved.
I suggest opening a case with Cisco and getting the hotfix.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2018 02:52 PM
that is fantastic! Thank you!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2018 01:58 PM
hey, cisco doesn't know anything about this...
can you send me the hot fix if you got it? can you advise?
here is what cisco said:
I am Jashanjit Badwal from Cisco TAC and I’ll be assisting you with your case.
If I understand correctly, you have task notification health alerts stating that "Security Intelligence URL: memcap exceeded". From previous experience, unfortunately, this issue happens due to the total available memory in the appliance. What the alert means is that the appliance is not able to load all entries available in the memory and will only load partial SI entries. To overcome this issue, as you stated, we need to remove Security Intelligence categories by navigating to "Policies > Access Control > Edit the policy > Click on Security Intelligence tab" and remove the URL categories and DNS categories. The latter step frees up shared memory for SI to load more entries. At the time of this writing, there is no other documented workaround to apply besides the workaround already specified.
Best Regards,
Jashanjit Badwal
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2018 02:03 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2018 02:04 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2018 02:06 PM
I put a copy of the file in my post. Feel free to use it!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2018 02:12 PM
GOT IT! Thank you so much!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2018 02:15 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2018 02:15 PM
I'll let you know shortly!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2018 02:45 PM
dang, it didn't fix it...
shoot...that was time consuming too...
I'll keep watching it and check it in the am
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-24-2018 02:45 PM
no go :(
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-25-2018 06:22 AM
That's strange it worked for us. Our FMC is running 6.2.2.1 (build 73) and all our 5506X's are running Version 6.2.2 (Build 81).
Not sure why it didn't work for you.
