Security

Is there a report than can be ran to determine what endpoints are being cleaned up from the database durring the cleanup cycle?

Thanks,

Chris

---

@ccalhounwrote:

Is there a report than can be ran to determine what endpoints are being cleaned up from the database durring the cleanup cycle?

 

Thanks,

Chris

---

I believe they would appear in the Audit Viewer.

Monitoring -> Audit Viewer

Ok I have been watching that and also created a configuration change report. I changed the endpoint cleanup policy but am not seeing any changes on old stale endpoints. 

Are these Known or Unknown endpoints?

We use Guest with mac caching which creates Known endpoints that are expected to be cleaned up with the Known Endpoints cleanup interval. The interval is based on when the endpoint was last modified.

Since we currently use Endpoints for registered mac address authentication, we cannot use that cleanup option. We periodically run a script that uses the REST API to cleanup any guest endpoints that no longer have a corresponding guest account.

I believe that, by defalt, the cleanup runs at 1 AM daily.

I wanted to start with just unknown endpoints. I set that to 7 days and I still have items which are over 7 days old listed in the endpoint database.

I am also using MAC caching for guests. So I have to be careful with the known endpoint cleanup. 

Here is how I have it set currently.

Just to clarify I have had it set for several weeks because I figured the job was not running constantly and had a start point.

With Unknown Endpoint cleanup set to 7 days I would expect endpoints at up to 8 days since the cleanup only runs once a day.

The endpoints that would normally expire between intervals get caught at the next cleanup.

Thats what I figured. I will just monitor it tonight. I am not sure what caused the accepted solution to take place. 

Thanks,

Chris

You probably missed the Reply button & hit Accept as Solution.

Yea sorry about that. After watching last night. I did not see any cleanup processes take place around 1AM. Maybe I am missing something to kick those off or a service is not running. 

Weird.

Under "Administration -> Server Manager -> Local Shared Folders -> Backup files" do you see anything? My files are dated around 1:30AM

I assumed the cleanup jobs run about the same time. It would make sense to clean up before backing up.

Perhaps a call to TAC would help resolve this. If they do ot know they can verify with Engineering.

Yea I definely don't have anything listed in automated backup files either. I only see stuff that I have kicked off in the backup files folder.

Let me check with TAC.

Thanks,

Chris

It sounds like you have something amiss.

I generally include my Aruba SE on any TAC emails so they are informed of the situation too. Sometimes they can use other resources to release a logjam.

Check "Administration -> Sertver Manager -> Server Configuration -> Cluster-Wide Parameters -> Database -> Auto backup configuration options". Mine is set to "Config|Session" but there is an Off option. Default is Config.

Mine was set to config. I set it to Off and Saved it. Then I set it to Config|Session. I will put a case in anyhow and see what they say. Will monitor.

Thanks,

Chris