Cisco Ise 14 User Guide
Cisco Identity Services Engine CLI Reference Guide, Release 1.4
Cisco ISE CLI Commands in EXEC Mode

application stop

To disable a specific application, use the application stop command in EXEC mode. To disable stopping an application, use the no form of this command.

    application [ stop {application-name} ]
    no application [ stop {application-name} ]

Syntax Description
stop: Disables an application.
application-name: Name of the predefined application that you want to disable. Supports up to 255 alphanumeric characters.

Command Default
No default behavior or values.

Command Modes
EXEC

Usage Guidelines
Disables an application.

If you have auto-failover configuration enabled in your deployment, you receive the following warning message:

    PAN Auto Failover feature is enabled, therefore this operation will trigger a failover if ISE services are not restarted within the fail-over window. Do you want to continue (y/n)?

Type 'y' if you want to continue or 'n' if you want to abort.

Example

    ise/admin# application stop ise
    Stopping ISE Monitoring & Troubleshooting Log Processor...
    Stopping ISE Monitoring & Troubleshooting Log Collector...
    Stopping ISE Identity Mapping Service...
    Stopping ISE pxGrid processes...
    Stopping ISE Application Server...
    Stopping ISE Certificate Authority Service...
    Stopping ISE Profiler Database...
    Stopping ISE Monitoring & Troubleshooting Session Database...
    Stopping ISE AD Connector...
    Stopping ISE Database processes...
    ise//admin# show application status ise

    ISE PROCESS NAME                       STATE            PROCESS ID
    --------------------------------------------------------------------
    Database Listener                      not running
    Application Server                     not running
    Profiler Database                      not running
    AD Connector                           not running
    M&T Session Database                   not running
    M&T Log Collector                      not running
    M&T Log Processor                      not running
    Certificate Authority Service          disabled
    pxGrid Infrastructure Service          not running
    pxGrid Publisher Subscriber Service    not running
    pxGrid Connection Manager              not running
    pxGrid Controller                      not running
    Identity Mapping Service               not running
    ise//admin#

Related Commands
application configure
application install
application remove
application reset-config
application reset-passwd
application start
application upgrade
show application

application upgrade

To upgrade a specific application bundle, use the application upgrade command in EXEC mode.

    application [ upgrade {application-bundle | remote-repository-name} ]

Syntax Description
upgrade: Upgrades a specific application bundle in the remote repository.
application-bundle: Application name. Supports up to 255 alphanumeric characters.
remote-repository-name: Remote repository name. Supports up to 255 alphanumeric characters.
cleanup: Cleans previously prepared upgrade bundle and prepares a new upgrade bundle.
prepare: Downloads an upgrade bundle and unzip contents to the local disk to prepare an application for an upgrade.
application-bundle: Application name. Supports up to 255 alphanumeric characters.
proceed: Proceeds with an upgrade using the local file.

Command Default
No default behavior or values.

Command Modes
EXEC

Usage Guidelines
Upgrades an application, and preserves any application configuration data. See the Cisco Identity Services Engine Upgrade Guide for more information.

• Use the cleanup option, if you want to try another upgrade bundle in case of a failure or use a different version.
• Use the prepare option to download and extract an upgrade bundle locally.
• Use the proceed option to upgrade Cisco ISE using the upgrade bundle you extracted with the prepare option. You can use this option after preparing an upgrade bundle instead of using the application upgrade command directly.
  ◦ If upgrade is successful, this option removes the upgrade bundle.
  ◦ If upgrade fails for any reason, this option retains the upgrade bundle.

If you issue the application upgrade command when another application upgrade operation is in progress, you will see the following warning message:

    An existing application install, remove, or upgrade is in progress. Try again shortly.

Caution: Do not issue the backup or restore commands when an upgrade is in progress. This action might cause the database to be corrupted.

Note: Before attempting to use the application upgrade command, you must read the upgrade instructions in the release notes supplied with the newer release. The release notes contain important updated instructions and they must be followed.

Example 1

    ise/admin# application upgrade prepare ise-upgradebundle-1.4.0.205.x86_64.tar.gz upgrade
    Getting bundle to local machine...
    md5: a3206ad6bd0616cfa51846119d60ee7a
    sha256: e3358ca424d977af67f8bb2bb3574b3e559ce9578d2f36c44cd8ba9e6dddfefd
    % Please confirm above crypto hash matches what is posted on Cisco download site.
    % Continue? Y/N [Y] Y
    Getting bundle to local machine...
    md5: de9e7c83679897f792ad3e9f74879c51
    sha256: e3358ca424d977af67f8bb2bb3574b3e559ce9578d2f36c44cd8ba9e6dddfefd

Example 2

    ise/admin# application upgrade proceed
    Initiating Application Upgrade...
    % Warning: Do not use Ctrl-C or close this terminal window until upgrade completes.
    - Checking VM for minimum hardware requirements
    STEP 1: Stopping ISE application...
    STEP 2: Verifying files in bundle...
    - Internal hash verification passed for bundle
    STEP 3: Validating data before upgrade...
    STEP 4: Taking backup of the configuration data...
    STEP 5: Running ISE configuration DB schema upgrade...
    - Running db sanity check to fix index corruption, if any...
    ISE Database schema upgrade completed.
    STEP 6: Running ISE configuration data upgrade...
    - Data upgrade step 1/59, NSFUpgradeService(1.2.1.127)... Done in 0 seconds.
    - Data upgrade step 2/59, NetworkAccessUpgrade(1.2.1.127)... Done in 0 seconds.
    - Data upgrade step 3/59, GuestUpgradeService(1.2.1.146)... Done in 50 seconds.
    - Data upgrade step 4/59, NetworkAccessUpgrade(1.2.1.148)... Done in 2 seconds.
    - Data upgrade step 5/59, NetworkAccessUpgrade(1.2.1.150)... Done in 2 seconds.
    - Data upgrade step 6/59, NSFUpgradeService(1.3.0.100)... Done in 0 seconds.
    - Data upgrade step 7/59, RegisterPostureTypes(1.3.0.170)... Done in 0 seconds.
    - Data upgrade step 8/59, ProfilerUpgradeService(1.3.0.187)... Done in 5 seconds.
    - Data upgrade step 9/59, GuestUpgradeService(1.3.0.194)... Done in 2 seconds.
    - Data upgrade step 10/59, NetworkAccessUpgrade(1.3.0.200)... Done in 0 seconds.
    - Data upgrade step 11/59, GuestUpgradeService(1.3.0.208)... Done in 2 seconds.
    - Data upgrade step 12/59, GuestUpgradeService(1.3.0.220)... Done in 0 seconds.
    - Data upgrade step 13/59, RBACUpgradeService(1.3.0.228)... Done in 15 seconds.
    - Data upgrade step 14/59, NetworkAccessUpgrade(1.3.0.230)... Done in 3 seconds.
    - Data upgrade step 15/59, GuestUpgradeService(1.3.0.250)... Done in 0 seconds.
    - Data upgrade step 16/59, NetworkAccessUpgrade(1.3.0.250)... Done in 0 seconds.
    - Data upgrade step 17/59, RBACUpgradeService(1.3.0.334)... Done in 9 seconds.
    - Data upgrade step 18/59, RBACUpgradeService(1.3.0.335)... Done in 9 seconds.
    - Data upgrade step 19/59, ProfilerUpgradeService(1.3.0.360)... ...Done in 215 seconds.
    - Data upgrade step 20/59, ProfilerUpgradeService(1.3.0.380)... Done in 4 seconds.
    - Data upgrade step 21/59, NSFUpgradeService(1.3.0.401)... Done in 0 seconds.
    - Data upgrade step 22/59, NSFUpgradeService(1.3.0.406)... Done in 0 seconds.
    - Data upgrade step 23/59, NSFUpgradeService(1.3.0.410)... Done in 1 seconds.
    - Data upgrade step 24/59, RBACUpgradeService(1.3.0.423)... Done in 0 seconds.
    - Data upgrade step 25/59, NetworkAccessUpgrade(1.3.0.424)... Done in 0 seconds.
    - Data upgrade step 26/59, RBACUpgradeService(1.3.0.433)... Done in 1 seconds.
    - Data upgrade step 27/59, EgressUpgradeService(1.3.0.437)... Done in 0 seconds.
    - Data upgrade step 28/59, NSFUpgradeService(1.3.0.438)... Done in 0 seconds.
    - Data upgrade step 29/59, NSFUpgradeService(1.3.0.439)... Done in 0 seconds.
    - Data upgrade step 30/59, CdaRegistration(1.3.0.446)... Done in 2 seconds.
    - Data upgrade step 31/59, RBACUpgradeService(1.3.0.452)... Done in 17 seconds.
    - Data upgrade step 32/59, NetworkAccessUpgrade(1.3.0.458)... Done in 0 seconds.
    - Data upgrade step 33/59, NSFUpgradeService(1.3.0.461)... Done in 0 seconds.
    - Data upgrade step 34/59, CertMgmtUpgradeService(1.3.0.462)... Done in 3 seconds.
    - Data upgrade step 35/59, NetworkAccessUpgrade(1.3.0.476)... Done in 0 seconds.
    - Data upgrade step 36/59, NSFUpgradeService(1.3.0.508)... Done in 0 seconds.
    - Data upgrade step 37/59, RBACUpgradeService(1.3.0.509)... Done in 17 seconds.
    - Data upgrade step 38/59, NSFUpgradeService(1.3.0.526)... Done in 0 seconds.
    - Data upgrade step 39/59, NSFUpgradeService(1.3.0.531)... Done in 0 seconds.
    - Data upgrade step 40/59, MDMUpgradeService(1.3.0.536)... Done in 0 seconds.
    - Data upgrade step 41/59, NSFUpgradeService(1.3.0.554)... Done in 0 seconds.
    - Data upgrade step 42/59, NetworkAccessUpgrade(1.3.0.561)... Done in 4 seconds.
    - Data upgrade step 43/59, RBACUpgradeService(1.3.0.563)... Done in 20 seconds.
    - Data upgrade step 44/59, CertMgmtUpgradeService(1.3.0.615)... Done in 0 seconds.
    - Data upgrade step 45/59, CertMgmtUpgradeService(1.3.0.616)... Done in 22 seconds.
    - Data upgrade step 46/59, CertMgmtUpgradeService(1.3.0.617)... Done in 2 seconds.
    - Data upgrade step 47/59, OcspServiceUpgradeRegistration(1.3.0.617)... Done in 0 seconds.
    - Data upgrade step 48/59, NSFUpgradeService(1.3.0.630)... Done in 0 seconds.
    - Data upgrade step 49/59, NSFUpgradeService(1.3.0.631)... Done in 0 seconds.
    - Data upgrade step 50/59, CertMgmtUpgradeService(1.3.0.634)... Done in 0 seconds.
    - Data upgrade step 51/59, RBACUpgradeService(1.3.0.650)... Done in 8 seconds.
    - Data upgrade step 52/59, CertMgmtUpgradeService(1.3.0.653)... Done in 0 seconds.
    - Data upgrade step 53/59, NodeGroupUpgradeService(1.3.0.655)... Done in 1 seconds.
    - Data upgrade step 54/59, RBACUpgradeService(1.3.0.670)... Done in 4 seconds.
    - Data upgrade step 55/59, ProfilerUpgradeService(1.3.0.670)... Done in 0 seconds.
    - Data upgrade step 56/59, NSFUpgradeService(1.3.0.676)... Done in 0 seconds.
    - Data upgrade step 57/59, AuthzUpgradeService(1.3.0.676)... Done in 10 seconds.
    - Data upgrade step 58/59, GuestAccessUpgradeService(1.3.0.676)... ...Done in 231 seconds.
    - Data upgrade step 59/59, ProvisioningUpgradeService(1.3.105.181)... Done in 51 seconds.
    STEP 7: Running ISE configuration data upgrade for node specific data...
    STEP 8: Running ISE M&T DB upgrade...
    ISE Database Mnt schema upgrade completed.
    Gathering Config schema(CEPM) stats ......
    Gathering Operational schema(MNT) stats .....
    Stopping ISE Database processes...
    % NOTICE: The appliance will reboot twice to upgrade software and ADE-OS. During this time progress of the upgrade is visible on console. It could take up to 30 minutes for this to complete.
    Rebooting to do Identity Service Engine upgrade...

Related Commands
application configure
application install
application remove
application reset-config
application reset-passwd
application start
application stop
show application
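
The prompt in Example 1 asks the operator to compare the printed digests with the download site by eye. The following is an added example, not part of the Cisco guide: a workstation-side check that extracts the digests from a saved `application upgrade prepare` transcript, decides on the SHA-256 only, and reports any digest that differs between the two prompts. The function names and `PUBLISHED_SHA256` are assumptions; the constant is set to the SHA-256 from Example 1 only so that the sample runs.

```python
import hmac
import re

# Transcript lines from Example 1 on this page (whitespace restored).
TRANSCRIPT = """\
Getting bundle to local machine...
md5: a3206ad6bd0616cfa51846119d60ee7a
sha256: e3358ca424d977af67f8bb2bb3574b3e559ce9578d2f36c44cd8ba9e6dddfefd
% Please confirm above crypto hash matches what is posted on Cisco download site.
% Continue? Y/N [Y] Y
Getting bundle to local machine...
md5: de9e7c83679897f792ad3e9f74879c51
sha256: e3358ca424d977af67f8bb2bb3574b3e559ce9578d2f36c44cd8ba9e6dddfefd
"""

# Assumption: in practice this value is pasted from the vendor download page.
PUBLISHED_SHA256 = "e3358ca424d977af67f8bb2bb3574b3e559ce9578d2f36c44cd8ba9e6dddfefd"

DIGEST_RE = re.compile(r"^[ \t]*(md5|sha256):[ \t]*([0-9a-fA-F]+)[ \t]*$", re.M)
HEX_LEN = {"md5": 32, "sha256": 64}


def extract_digests(transcript):
    """Return {algorithm: [digests in order of appearance]}."""
    found = {"md5": [], "sha256": []}
    for algo, value in DIGEST_RE.findall(transcript):
        if len(value) != HEX_LEN[algo]:
            # A wrapped or cut-off line must not be compared as if complete.
            raise ValueError(f"malformed {algo} digest: {value!r}")
        found[algo].append(value.lower())
    return found


def check_bundle(transcript, published_sha256):
    """Pass only if every sha256 line equals the published value."""
    digests = extract_digests(transcript)
    expected = published_sha256.strip().lower()
    seen = digests["sha256"]
    sha256_ok = bool(seen) and all(hmac.compare_digest(v, expected) for v in seen)
    # Digests that change between the first and second prompt are reported
    # for a human to look at; the code does not guess the cause.
    inconsistent = sorted(a for a, vals in digests.items() if len(set(vals)) > 1)
    return {"sha256_ok": sha256_ok, "inconsistent": inconsistent}
```

Run against the Example 1 transcript, the SHA-256 check passes and the two differing md5 lines are listed under `inconsistent`.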

backup

To perform a backup including Cisco ISE and Cisco ADE OS data and place the backup in a repository, use the backup command in EXEC mode.

Note: Before attempting to use the backup command in EXEC mode, you must copy the running configuration to a safe location, such as a network server, or save it as the Cisco ISE server startup configuration. You can use this startup configuration when you restore or troubleshoot Cisco ISE from the backup and system logs.

    backup [{backup-name} repository {repository-name} ise-config encryption-key hash | plain {encryption-key name}]
    backup [{backup-name} repository {repository-name} ise-operational encryption-key hash | plain {encryption-key name}]

Syntax Description
backup-name: Name of backup file. Supports up to 100 alphanumeric characters.
repository: Specifies repository to store the backup file.
repository-name: Location where the files should be backed up to. Supports up to 80 alphanumeric characters.
ise-config: Backs up Cisco ISE configuration data (includes Cisco ISE ADE-OS).
ise-operational: Backs up Cisco ISE operational data.
encryption-key: Specifies user-defined encryption key to protect the backup.
hash: Specifies (Hashed encryption key for protection of backup) an encrypted (hashed) encryption key that follows. Supports up to 40 characters.
plain: Specifies (Plaintext encryption key for protection of backup) an unencrypted plaintext encryption key that follows. Supports up to 15 characters.
encryption-key name: An encryption key in hash | plain format for backup.

Command Default
No default behavior or values.

Command Modes
EXEC

Usage Guidelines
You can encrypt and decrypt backups now by using user-defined encryption keys when you perform a backup of Cisco ISE and Cisco ADE OS data in a repository with an encrypted (hashed) or unencrypted plaintext password with ise-config. To perform a backup of only the Cisco ISE application data without the Cisco ADE OS data, use the ise-operational command.

You can back up Cisco ISE operational data only from the primary or secondary Monitoring nodes.

Important: When performing a backup and restore, the restore overwrites the list of trusted certificates on the target system with the list of certificates from the source system. It is critically important to note that backup and restore functions do not include private keys associated with the Internal Certificate Authority (CA) certificates.

If you are performing a backup and restore from one system to another, you will have to choose from one of these options to avoid errors:

• Option 1:
  Export the CA certificates from the source ISE node through the CLI and import them into the target system through the CLI.
  Pros: Any certificates issued to endpoints from the source system will continue to be trusted. Any new certificates issued by the target system will be signed by the same keys.
  Cons: Any certificates that have been issued by the target system prior to the restore function will not be trusted and will need to be re-issued.

• Option 2:
  After the restore process, generate all new certificates for the internal CA.
  Pros: This option is the recommended and clean method, where neither the original source certificates nor the original target certificates will be used. Certificates issued by the original source system will continue to be trusted.
  Cons: Any certificates that have been issued by the target system prior to the restore function will not be trusted and will need to be re-issued.

Related Commands
backup-logs
repository
restore
show backup
show repository
show restore

Backing up Cisco ISE Configuration Data

To back up Cisco ISE configuration data, use the following command:

    backup mybackup repository myrepository ise-config encryption-key plain lablab12

Example

    ise/admin# backup test repository disk ise-config encryption-key plain Test_1234
    Internal CA Store is not included in this backup. It is recommended to export it using "application configure ise" CLI command
    Creating backup with timestamped filename: test-CFG-141006-1350.tar.gpg
    backup in progress: Starting Backup...10% completed
    backup in progress: Validating ISE Node Role...15% completed
    backup in progress: Backing up ISE Configuration Data...20% completed
    backup in progress: Backing up ISE Logs...45% completed
    backup in progress: Completing ISE Backup Staging...50% completed
    backup in progress: Backing up ADEOS configuration...55% completed
    backup in progress: Moving Backup file to the repository...75% completed
    backup in progress: Completing Backup...100% completed
    ise/admin#

Backing up Cisco ISE Operational Data

To back up Cisco ISE operational data, use the following command:

    backup mybackup repository myrepository ise-operational encryption-key plain lablab12

Example

    ise/admin# backup mybackup repository myrepository ise-operational encryption-key plain lablab12
    backup in progress: Starting Backup...10% completed
    Creating backup with timestamped filename: mybackup-OPS-130103-0019.tar.gpg
    backup in progress: starting dbbackup using expdp.......20% completed
    backup in progress: starting cars logic.......50% completed
    backup in progress: Moving Backup file to the repository...75% completed
    backup in progress: Completing Backup...100% completed
    ise/admin#

backup-logs

To back up system logs, use the backup-logs command in EXEC mode. To remove this function, use the no form of this command.

Note: Before attempting to use the backup-logs command in EXEC mode, you must copy the running configuration to a safe location, such as a network server, or save it as the Cisco ISE server startup configuration. You can use this startup configuration when you restore or troubleshoot Cisco ISE from the backup and system logs.

    backup-logs backup-name repository repository-name {encryption-key {hash | plain} encryption-key name}

Syntax Description
backup-name: Name of one or more files to back up. Supports up to 100 alphanumeric characters.
repository: Repository command.
repository-name: Location where files should be backed up to. Supports up to 80 alphanumeric characters.
encryption-key: Specifies the encryption key to protect the backup logs.
hash: Hashed encryption key for protection of backup logs. Specifies an encrypted (hashed) encryption key that follows. Supports up to 40 characters.
plain: Plaintext encryption key for protection of backup logs. Specifies an unencrypted plaintext encryption key that follows. Supports up to 15 characters.
encryption-key name: The encryption key in hash or plain format.

Command Default
No default behavior or values.

Command Modes
EXEC

Usage Guidelines
Backs up system logs with an encrypted (hashed) or unencrypted plaintext password.

Example 1

    ise/admin# backup-logs Test repository disk encryption-key plain Test_1234
    % Creating log backup with timestamped filename: Test-141006-1351.tar.gpg
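
Both backup and backup-logs take the encryption key as a command argument, so a saved session transcript or runbook carries the key in the clear. The following is an added example, not part of the Cisco guide: it parses one command line against the syntax and length limits documented above for both commands, and returns the command with the key redacted plus a list of findings. The function name, the finding strings and the `<redacted>` marker are assumptions, and the encryption-key clause is treated as required.

```python
import re

# Length limits taken from the Syntax Description entries on this page.
LIMITS = {"name": 100, "repo": 80, "plain": 15, "hash": 40}

CMD_RE = re.compile(
    r"^(?P<cmd>backup|backup-logs)\s+(?P<name>\S+)\s+repository\s+(?P<repo>\S+)"
    r"(?:\s+(?P<scope>ise-config|ise-operational))?"
    r"\s+encryption-key\s+(?P<kind>hash|plain)\s+(?P<key>\S+)\s*$"
)


def audit_backup_command(line):
    """Return (redacted_command, findings), or None if not a backup command."""
    # Drop a leading prompt such as "ise/admin# " when the line comes
    # from a transcript; a '#' inside the key itself is left alone.
    command = re.sub(r"^\S+#\s*", "", line.strip())
    m = CMD_RE.match(command)
    if m is None:
        return None
    findings = []
    if len(m["name"]) > LIMITS["name"]:
        findings.append("backup-name exceeds 100 characters")
    if len(m["repo"]) > LIMITS["repo"]:
        findings.append("repository-name exceeds 80 characters")
    if len(m["key"]) > LIMITS[m["kind"]]:
        findings.append(f"{m['kind']} key exceeds {LIMITS[m['kind']]} characters")
    # backup requires a scope keyword; backup-logs does not take one.
    if (m["cmd"] == "backup") != (m["scope"] is not None):
        findings.append("ise-config/ise-operational applies to backup only")
    if m["kind"] == "plain":
        findings.append("plaintext key on command line")
    # Everything before the key is kept; the key itself never leaves here.
    redacted = command[: m.start("key")] + "<redacted>"
    return redacted, findings
```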