Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

context buffer too short

Hi, hope you can help me with this;

Sapd on my director has started reporting that its context buffer is to short and that it can't load the context string(s) into the db. I have noticed a few of these messages before but a few days ago it just rocketed through the roof, making sapd unable to load any data at all, or more correct making sapd unable to finish loading a file. This results in a situation where sapd tries to load the same file again and again, filling the db with duplicates. I have just disabled context loading so I at least can query on the events. Signature 5126 seems to stand out from the others with around 519 characters in its context field, but I don't know if this has anything to do with it.

Is this a known issue or has anyone else experienced this and how do I fix it?

\br

rp

1 REPLY
Cisco Employee

Re: context buffer too short

There was a bug in some of the older sensor versions where the Context Buffer was not being populated correctly by the sensor. This caused problems for both smid and sapd on the management systems. I believe the issue was fixed in one of the 3.1 Service Packs.

Verify that you are running the latest software versions on your sensor to ensure you have the latest sensor software fixes.

Alarms from older sensors may have this problem, and you would need to remove the Context Buffer from these older alarms.

If, however, alarms from a sensor running the latest version are causing this sapd error then please contact the TAC and have ready the output of nrvers and an example log entry with this problem. If it is happening with the latest code then it is likely a new bug that we were not aware of. The TAC can create a bug for it, and get engineering working on a fix.

102
Views
0
Helpful
1
Replies