The Backup process for upgrading RSA SA 10.6.6 to RSA NetWitness 11.3 basically captures all the configuration for all RSA SA servers. This configuration information includes IP, subnet and other network and other information as well, right?
Correct. Like you noted here, it's primarily config with the exception of the ESA Alerts/Incidents. This is because these are inside of mongo and we back up the entirety of the mongo databases. This is the only thing that I remember is self contained in the backup that is created by the script. The rest of the collected data, as you already stated, is covered in your next question.
Now, once the 11.3 VM is setup, we migrate the HDDs of the corresponding 10.6.6 VM to the 11.3 VM, which basically means we're migrating all the log and meta data from the 10.6.6 VM to the 11.3 VM, right? So, for instance if I migrate the 10.6.6 VM HDDs of the Archiver to the 11.3 Archiver, I shall have all the logs and meta available on the new 11.3 Archiver machine, correct?
Also correct. This is where you would migrate your metadb, sessiondb, and packetdb files of all core devices. Core devices being Decoders, Concentrators, Brokers, and Archivers.
Additionally, after we've setup the VM, and before running nwsetup-tui we restore the backed up configuration on the VM, which should assign the same network (including IP and subnet) and other info to the new 11.3 VM, as was assigned to the corresponding old 10.6.6 VM, right?
This is correct. Please do not attempt to change IP information while doing this upgrade as the IP information is scattered throughout the config files themselves, not just the CentOS network scripts. Conducting this change is unsupported and I can promise you is no fun to deal with.
You are free to change IP information after the upgrade has been completed as we have a process in the 11.3 Administration Guides.
