I love FirePower! It’s great! But every now and then FirePower Management Center gets rebooted during a deployment, and the FMC wants to push the config so much that it will keep on trying for a few thousand hours! While we appreciate the effort, this is a quick way to tell FMC to take a break.

In this case the deployment to Q9-FPA2110-C01 has been going on for the better part of a year!

To get rid of this, we will be messing with the FMC database, so make a snapshot/backup if you care about the database exploding.

Basically what has happened here is that the actual task is dead but notification has never been cleared for some reason (reboot etc).

First we’ll log into the FMC and move to root.

Cisco Fire Linux OS v6.4.0 (build 2)
Cisco Firepower Management Center for VMWare v6.4.0.1 (build 17)

admin@FMC01:~$ sudo su -
Password:

Now we use the OmniQuery.pl tool to query the database and grep for “\ 7\ ” to find the running tasks. Find the uuid of the task that is running, for simplicity I just have the one task listed.

root@FMC01:~# OmniQuery.pl -db mdb -e "select status,category,hex(uuid),body from notification;" | grep "\ 7\ "
| 7 | task:category.149 | 000000610000BD2B000000600000009E | {"literal":null,"arguments":{"DEVICE":"Q9-FPA2110-C01"},"property":"task:ngfw_in_progress"} |

Then we make a query that deletes that notification, just like so

root@FMC01:~# OmniQuery.pl -db mdb -e 'delete from notification where uuid=unhex("000000610000BD2B000000600000009E");' 
Command executed but returns no results.

Now if we check again the task is gone!

root@FMC01:~# OmniQuery.pl -db mdb -e "select status,category,hex(uuid),body from notification;" | grep "\ 7\ "