For IBM Security QRadar Risk Manager, Cisco IOS devices do not backup as expected, and they display the message: "ERROR - Device backup failed"
A terminal emulation issue is preventing the Cisco IOS devices from performing a backup. This issue causes control characters in the stream (^H) when the "--More--" prompt is displayed.
Diagnosing The Problem
In the ziptieServer.log (/usr/share/ziptieServer.log), administrators will see attempted backups for devices "10.10.10.50" device, which keep failing:
[BackupJob] [ZipTieScheduler_Worker-1 ] <@> INFO - Starting Backup Job '_interactive.Backup Devices (Run now ID1102)'
[attempt ] [Running-3 (10.10.10.50@Default)] <@> INFO - Attempting adapter operation (backup) against device 10.10.10.50@Default with protocol set 'SSH' and credential set 'default set' using adapter ZipTie::Adapters::Cisco::IOS
[BackupJob] [ZipTieScheduler_Worker-1 ] <@> INFO - Completed Backup Job '_interactive.Backup Devices (Run now ID1102)'
[BackupJob] [Idle-3 ] <@> WARN - Backup 10.10.10.50@Default in Job '_interactive.Backup Devices (Run now ID1102)' completed with exception
[failure ] [Idle-3 ] <@>ERROR - Device backup failed: id=477, adminIp=10.10.10.50
13-08-09 12:00:04,250 [complete ] [ZipTieScheduler_Worker-1 ] <@> INFO - Job finished: Backup Devices (Run now ID1102)._interactive (class org.ziptie.server.job.backup.BackupJob)
Resolving The Problem
By adding "terminal length 0" to your device authorized command set you will then be able to backup. This eliminates the "--More--" prompt. The adapter is written to handle "--More--" but does not expect the control characters.
Where do you find more information?
Was this topic helpful?
16 June 2018