Monitor FTD or FMC Upgrade Status via CLI

Available Languages

Download Options

  • PDF     (622.1 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (765.6 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (609.1 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:July 23, 2024
Document ID:222183

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes how to monitor the progress of a Firepower Threat Defense (FTD) or Firewall Management Center (FMC) device upgrade via CLI.

    Are There Ways to Monitor the Progress of an Ongoing Service Upgrade Outside of the FMC GUI?

    Yes, the ability to monitor the progress of an ongoing upgrade is available via the CLI of the device. When an upgrade is pushed to an FMC managed device (or the FMC itself), a directory associated with the upgrade is created on the device. Included in this directory is a status.log file which can be monitored for progress throughout the upgrade. These instructions walk through how to access and monitor the status of an upgrade via CLI.

    Prerequisites

    Requirements

    Cisco recommends that you have knowledge of these topics:

    • Firepower Threat Defense (FTD)
    • Firewall Management Center (FMC)

    Components Used

    • FMC 4600 version 7.2.5
    • FTD 2110 version 7.0.4
    • Note: Instructions applicable to all FTD/FMC versions.

    The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, ensure that you understand the potential impact of any command.

    Instructions

    Push Upgrade from the FMC GUI

    The upgrade needs to be pushed from the FMC GUI prior to the upgrade directory becoming available via the device CLI.

    Enter Root Prompt of the Device

    Whether connected to the device via SSH or console, from the prompt, type expert followed by sudo su and the password to enter root:

    CLI PromptsCLI Prompts

    Navigate to the Directory Associated with Upgrade

    FTD: The directory is /ngfw/var/log/sf/Cisco_FTD_SSP_FP2K_Upgrade-7.2.5

    FTD Directory ExampleFTD Directory Example

    FMC: The directory is /var/log/sf/Cisco_Secure_FW_Mgmt_Center_Patch-7.2.5.2

    FMC Directory ExampleFMC Directory Example

    Note: The final part of the directory path depends on different factors including software, platform, and version.

    Once in the Directory, Tail the Existing status.log File

    Command: tail -f status.log

    FTD:

    FTD status.logFTD status.log

    FMC:

    FMC status.logFMC status.log

    note-icon

    Note: The status.log file automatically updates as the upgrade progresses.

    Additional Information

    FMC version 7.2+ now includes the ability to monitor the upgrade progress of managed devices directly from the FMC GUI. Once an update is pushed, navigate the the FMC GUI notification tab and locate the task associated with the upgrade. Clicking the view details option on the task opens a monitoring window specific to the upgrade.


    FMC GUI Upgrade TaskFMC GUI Upgrade Task

    The monitoring window includes useful information for the upgrade in progress. Information includes upgrade details, upgrade stages, progress percentages, and log details from the status.log file.

    FMC GUI Upgrade Monitoring WindowFMC GUI Upgrade Monitoring Window

    Revision History

    Revision Publish Date Comments
    1.0
    23-Jul-2024
    Initial Release
    TAC Authored

    Contributed by Cisco Engineers

    • Nathan Sloneker
      Technical Consulting Engineer

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products