I'm fairly happy with backups and restoration on the admin node, but not done much with the monitor node. I think a while ago, I backed up a monitor node and restored it, and seemed to go ok, apart from the gap in logs while you're actually doing the backup/restore.
What I want to know and have not seen any documentation on it, is there a decent way of opening and viewing backed up logs. i.e. accessing the massive raw encrypted file that will be saved off to some network drive somewhere?
I'll give it a try on Monday but not got access to any at the moment.
For scheduled backups, you can obtain information about the backup, backup events, and status (when the backup was performed, whether it was successful or not, and so on) from the Backup History page.
Every Cisco ISE administrator account is assigned one or more administrative roles. To perform the operations described in the following procedure, you must have one of the following roles assigned. Super Admin or Monitoring Admin or Helpdesk Admin.
To view the backup history, complete the following steps:
Step 1 Choose Operations > Reports > System.
Step 2 From the System navigation pane on the left, choose Data Management > Administration Node > Backup History.
The Backup History page provides basic information about the scheduled backups that were run.
For failed backups, you must run the backup-logs command from the Cisco ISE CLI and look at the
ADE.log for more information.
Note The backup history is stored along with the Cisco ADE operating system configuration data. After an application upgrade, backup history is not lost and the Backup History page lists all the backups that were run. The backup history will be removed only when you reimage the primary administration node.
Yep, I'm pretty au fait with that, I'm looking at whether there is a method of accessing the raw logs themselves. Or do you have to actually restore to the ISE in order to be able to access previous monitor logs.
"What I want to know and have not seen any documentation on it, is there a decent way of opening and viewing backed up logs. i.e. accessing the massive raw encrypted file that will be saved off to some network drive somewhere?"
I think you may have missed my question Aqueel. Did you spot anything in particular in the documentation that answers my question or have you just sent me a random link? :-) Initially I suspected you were a bot. :-)
The MNT data backup can only be restored on ISE MNT nodes. Even though if we decrypt the MNT backup file , you will not be able to read the data because the data is stored in Oracle Database and the backup file contains the snapshot of the MNT database . This snapshot can be re-imported on the MNT nodes and the data can be read by the in-built SQL queries that are being used with the ISE MNT nodes.
The command which is used to decrypt the files in linux is as follows:
gpg --decrypt-files .
When you run the above command it will ask for the passphrase and specify the encryption key that you used at the time of creating the backup files or logs.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...