Troubleshooting

Cyber Vision pxGrid agent advanced logs

A pxGrid agent advanced log is a diagnostic file that

  • records detailed debug-level events and errors for the pxGrid agent and sbs-burrow services,

  • provides information about connection issues between Cisco ISE and Cyber Vision, and

  • enables the Product Support and Technical Assistance Center (TAC) teams to troubleshoot issues.

Usage

Use pxGrid agent logs to troubleshoot communication issues between Cyber Vision and Cisco ISE. You can view relevant events, recorded errors, and the current status of the pxGrid agent service in these logs.

View these logs using one of these two methods.

  • Access the Cyber Vision Center CLI and run:

    journalctl -u pxgrid-agent

  • From the Cyber Vision main menu, choose System statistics > Center and click Download diagnostic.

A common error message:
pxgrid-agent Failed to start pxGrid agent, err: Pubsub service not available [caller=main.go:108]

This message indicates that the Pubsub service required for pxGrid integration is not available. As a result, the agent cannot establish the necessary connection between Cyber Vision and Cisco ISE.

Enable advanced logs for pxGrid agent and Burrow services

Enable debug-level logging for pxGrid agent and sbs-burrow services.

Advanced logs help you troubleshoot connection issues within Cyber Vision deployments.

Before you begin

Ensure you have SSH access to the Cyber Vision Center.

Procedure

Step 1

Access the Cyber Vision Center by using Secure Shell (SSH).

Step 2

Navigate to the /data/etc/sbs directory.

Step 3

Create a file named listener.conf with this content: 

# /data/etc/sbs/listener.conf
            configlog:
             loglevel: debug

Note

 

Enter the log level value in lower case only.

Step 4

Create a file named pxgrid-agent.conf with the same content: 

# /data/etc/sbs/pxgrid-agent.conf
            configlog:
             loglevel: debug

Note

 

Enter the log level value in lower case only.

Step 5

Restart the sbs-burrow and pxgrid-agent services using the following command:

systemctl restart <servicename>

Advanced logging is enabled. You can access detailed diagnostics to troubleshoot issues.

Download and manage advanced logs in Cisco ISE

Access and manage advanced log files on your Cisco ISE node to troubleshoot issues and monitor operations.

Use this procedure to view available advanced log files, download specific logs for review, or remove logs that are no longer needed from the appliance.

Before you begin

Identify the node from which you want to retrieve or manage logs.

Procedure

Step 1

From Cisco ISE main menu, choose Operations > Troubleshoot > Download Logs.

Step 2

Select the appropriate node from the Appliance node list.

Step 3

Click Debug Logs to view available advanced log files.

Step 4

Expand folders to view specific log files, such as pxgrid, pxgriddirect-connector, and pxgriddirect-service.

Step 5

To download a log file, click the desired log file name.

Step 6

To delete log files, check the box next to each log file you want to delete.

Step 7

Click Delete to remove the selected log files.

After you select log files, your system downloads them for further analysis or deletes them from the appliance.

What to do next

  • If you downloaded log files, review them to investigate issues or provide to Cisco Support as needed.

  • If you deleted log files, confirm you removed only unnecessary files to maintain essential log history.

Replace the pxGrid certificate in Cyber Vision and Cisco ISE

Use this procedure to:

  • Synchronize the pxGrid client certificate updates between Cyber Vision and Cisco ISE for secure and uninterrupted communication.

  • Replace expired or compromised client certificates.

  • Update certificate information when changing the Cisco ISE pxGrid node.

When you replace the pxGrid certificate in Cyber Vision, the system immediately uses the new certificate. However, the pxGrid client in Cisco ISE still expects the old certificate, which causes authentication failures. Use this procedure to synchronize certificate updates and avoid connectivity issues.

Procedure

Step 1

Generate a new client certificate in Cisco ISE when the current certificate expires or needs replacement.

See Generate a client certificate in Cisco ISE.

Step 2

Import the new client certificate into Cyber Vision.

See Configure pxGrid integration and generate a client certificate in Cyber Vision.

Step 3

From the Cisco ISE main menu, choose Administration > pxGrid Services > Client Management.

Step 4

Select the pxGrid client associated with Cyber Vision.

Step 5

Click Trash and select Selected to delete the client.

After you complete these steps, Cyber Vision Center uses the new certificate to register with Cisco ISE. The pxGrid logs no longer show 401 errors.

What to do next

  • Confirm successful registration and verify communication between Cyber Vision and Cisco ISE. From the Cyber Vision main menu, choose Admin > Integrations > ISE – pxGrid and check Pull service status and Push service status.

  • Check the pxGrid logs for any authentication errors. In the Cyber Vision Center CLI, run:

    journalctl -u pxgrid-agent