Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
447
Views
5
Helpful
3
Replies

"AnalysisEngine busy" prevents upgrade IDS4235 from 4.0(1)S37 to 4.1(4)S91

yulan.lee
Level 1
Level 1

‎09-30-2004 10:23 AM - edited ‎03-09-2019 08:57 AM

My IDS-4235 is having BIOS of A04, currently running 4.0(1)S37. I want to upgrade it to IDS-K9-sp-4.1-4-S91. However, the error message from AnalysisEngine abort the processing every time. (See Error message at the bottom.) I have waited minutes and hours for the retries, same result. Is there anything that I need to do to get this working???

Phoenix ROM BIOS PLUS Version 1.10 A04

Cisco Systems IDS-4235/4250

IDS-4235/4250

Embedded server management firmware revision 1.56

Backplane firmware revision 0.29

One 1266 MHz Processor, Processor Bus: 133 MHz, L2 cache: 512 KB

Adaptec AIC-7899 SCSI BIOS Build 25309

(c) 1999 Adaptec, Inc. All Rights Reserved.

Press <Ctrl><A> for SCSISelect(TM) Utility!

Ch A, SCSI ID: 0 SEAGATE ST318453LC 160

SCSI ID: 6 PE/PV 1x3 SCSI BP ASYN

sensor# show version

Application Partition:

Cisco Systems Intrusion Detection Sensor, Version 4.0(1)S37

OS Version 2.4.18-5smpbigphys

Platform: IDS-4235

Sensor up-time is 1 min.

Using 223019008 out of 1055744000 bytes of available memory (21% usage)

Using 544M out of 15G bytes of available disk space (4% usage)

MainApp 2003_Jan_23_02.00 (Release) 2003-01-3T02:00:25-0600 Running

AnalysisEngine 2003_Jan_23_02.00 (Release) 2003-01-3T02:00:25-0600 Running

Authentication 2003_Jan_23_02.00 (Release) 2003-01-3T02:00:25-0600 Running

Logger 2003_Jan_23_02.00 (Release) 2003-01-3T02:00:25-0600 Running

NetworkAccess 2003_Jan_23_02.00 (Release) 2003-01-3T02:00:25-0600 Running

TransactionSource 2003_Jan_23_02.00 (Release) 2003-01-3T02:00:25-0600 Running

WebServer 2003_Jan_23_02.00 (Release) 2003-01-3T02:00:25-0600 Running

CLI 2003_Jan_17_18.33 (Release) 2003-01-7T18:33:18-0600

Upgrade History:

IDS-K9-maj-4.0-1-S36 15:32:52 UTC Thu Jan 30 2003

Recovery Partition Version 1.1 - 4.0(1)S37

sensor#

sensor(config)# upgrade ftp://ids@10.1.1.254//IDS-K9-sp-4.1-4-S91.rpm.pkg

Password: *********

Warning: Executing this command will apply a service pack to the application parititon. The system may be rebooted to complete the upgrade.

Continue with upgrade? : yes

Broadcast message from root (Thu Sep 30 12:14:38 2004):

Applying update IDS-K9-sp-4.1-4-S91.

Shutting down all CIDS processes. All connections will be terminated.

The system will be rebooted upon completion of the update.

Error: AnalysisEngine is currently busy and unable to process this update. Please wait several minutes before attempting update again.

Labels:
Preview file
27 KB
0 Helpful
3 Replies 3

marcabal
Cisco Employee
Cisco Employee

‎09-30-2004 12:12 PM

This looks like an incorrect error message.

I think the installation is coming across an error and is spitting out the wrong error message, the real error message should have been that the 4.1(1) Minor Update package has to be installed before you install the 4.1(4) Service Pack.

You can download the 4.1(1) Minor Update from:

http://www.cisco.com/cgi-bin/tablebuild.pl/ids4

You can't install 4.1(4) on top of 4.0(1).

0 Helpful

yulan.lee
Level 1
Level 1
In response to marcabal

‎09-30-2004 02:58 PM

I tried 4.1(1). Got different error message. It failed to download from my FTP server. (I'm sure the ftp password is correct and file does exist on the ftp server.) Instead, it looked at its own HD for the OS.

sensor# conf t

sensor(config)# upgrade ftp://ids@10.1.1.254//IDS-K9-min-4.1-1-S47.rpm.pkg

Password: *********

Warning: Executing this command will apply a minor version upgrade to the applic

ation partition. The system may be rebooted to complete the upgrade.

Continue with upgrade? : yes

Error: download file does not exist: /usr/cids/idsRoot/var/updates/IDS-K9-min-4.

1-1-S47.rpm.pkg

sensor(config)#

0 Helpful

marcabal
Cisco Employee
Cisco Employee
In response to yulan.lee

‎10-01-2004 08:04 AM

This error occurs because the download was unsuccessful, but the sensor was unable to tell that download failed. So the sensor thinks that the file should be on the sensor and tries to execute and you wind up with the error that you saw.

We have seen these happen for a couple of different reasons:

1) The ftp server does not have the standard prompts.

The sensor is hardcoded to look for certain ftp prompts, if your ftp server used different prompts then the download will timeout not being able to recognize the prompts.

You may also want to try using a server from this list:

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/csids/csids8/13870_01.htm#xtocid34

NOTE: The prompt checking has been improved in the 4.1(4) Service Pack, but as you've seen you first half to get 4.1(4) loaded before you can take advantage of the improvements.

2) A timeout while downloading a large file. The 4.1(1) Minor Version upgrade is a fairly large file. If the ftp server is busy, or is accessed through a busy network then the download can take to long and will timeout. We have seen this most often with upgrades being done from ftp servers being reached over the internet. To prevent this issue try to use a ftp server that is not very busy and is located on the same network as the sensor.

NOTE: In 4.1(4) this addressed by the addition of an ftp timeout parameter. In 4.0 and 4.1(1) the timeout was hardcoded, but in 4.1(4) the user can increase the timeout to allow for longer download times. But of course you have to first get 4.1(4) loaded to get this feature.

Customers Also Viewed These Support Documents