Skip to content
  • There are no suggestions because the search field is empty.

Upgrade Precheck instructions for customers upgrading from 11.6.x to NetWitness 11.7.1

Tags: Documentation, Version 11.6

Version: 11.6.x.x
Improvement: Pre check upgrade tool is used to identify any issues that may result in the upgrade failure and check the health of node 0 and node-x services status. It includes network checklist that identifies open and listening ports on node-0 and node-x.
The “Pre-upgrade checks” verifies the following:
Upgrade Checklist:
  1. Security client file check - Ensures security-client-amqp.yml file is not present.
  2. node 0 NW service-id status - Ensures all the service-ids are intact.
  3. Node 0 NW services status - Check the status of all the services on node 0.
  4. Broker service Trustpeer symlink - Ensures broker symlink file (/etc/netwitness/ng/broker/trustpeers/) is not broken.
  5. Yum external repo check - Ensures external repos are not present and not enabled.
  6. Node - 0 RPM DB index check - Checks if the RPM DB is corrupted.
  7. Salt master communication - Verifies the salt communication from node 0 to all the nodes.
  8. Node 0 certificate check - Checks if any certificates are missing, expired, or invalid issuer type.
  9. Mongo authentication - Validates the deploy_admin credentials fetched from security-cli-client using mongo client.
  10. Rabbitmq authentication - Validates the deploy_admin credentials fetched from security-cli-client using RabbitMQ
  11. Node-X NW Service Status - To check the status of services [Active/In Active] on all the node-x.
  12. Node-X Certificates Check - To validate expiry, missing, corrupted and issuer mismatch of certs in all categories of node-x.
  13. Nodes CPU-Memory Info - To provide CPU and Memory details of all the nodes along with the real-time available memory.
  14. Node-0 File System Utilization - Verifying disk partition utilization for /var/netwitness/mongo', '/var/netwitness' and root, for node-0.
  15. Node-x File System Utilization - Verifying disk partition utilization for /var/netwitness/mongo', '/var/netwitness' and root, on node-x(Endpoint Loghybrid and ESA).
  16. Mongo File [ESAPrimary]To check if the system/stack has ESA Primary node, if yes verify the permission mode of mongo file.
  17. Orchestration-Server Normal Mode - To verify if the orchestration service is running in normal mode or safe mode.
  18. Node-0 Init status - To check if there are any issues that might cause failure in init process.
  19. Fips Mode Check - Checks to ensure that the Fips mode is disabled (set to false) before and after upgrade.
  20. Node-X RPM DB Index Check - Checks for status of RPM DB on Node-X to ensure that it is not corrupt.
  21. Node-Z Yum Proxy Check - Checks for the existence of yum.conf file and presence of proxy within the file on Node -Z.
  22. Node-X Yum Proxy Check - Checks for the existence of yum.conf file and presence of proxy within the file on Node -X.
Network checklist:
  1. Node -0 closed ports - Checks if service ports required for NW services are open and listening on node-0
  2. Node -x closed ports - Checks if service ports required for NW services are open and listening on node-X
Steps to install HF:
  1. SSH to Admin server box and place the HF rpm file under /root
  2. Use the below command to check if RPM is already installed:
    • rpm -qa | grep rsa-nw-precheck-hotfix-1.0.0
  3. If rpm is not installed previously then use:
    • rpm -ivh rsa-nw-prechecks-hotfix-1.1.0-2204041110.5.7902dd4.el7.noarch.rpm
  4. If customer has already installed previous version of HF < rsa-nw-prechecks-hotfix-1.0.0-2110120940.5.52f9525.el7.noarch.rpm>, then customer has to update the latest rpm using the below command:
    • rpm -Uvh rsa-nw-prechecks-hotfix-1.1.0-2204041110.5.7902dd4.el7.noarch.rpm
  5. Execute the following command:
    1. For Upgrade checklist run this command: nw-precheck-tool upgrade-checklist
    2. For network checklist run this command: nw-precheck-tool network-checklist
  6. Verify the logs are updated properly in:
    • /var/log/netwitness/precheck-tool/checklist.log
NOTE: Whenever you are trying to upgrade to next version, please uninstall the HF rpm using below command without fail:
rpm -qa | grep prechecks-hotfix | xargs -I{} yum remove -y {}