This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
NetWitness Knowledge Base Archive
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- NetWitness Community
- NetWitness Knowledge Base Archive
- How to recreate the RSA Security Analytics updates repository
-
Options
- Subscribe to RSS Feed
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
How to recreate the RSA Security Analytics updates repository
Article Number
000028967
Applies To
RSA Product Set: Security Analytics
RSA Product/Service Type: Security Analytics Server
RSA Version/Condition: 10.3.x, 10.4.x
Platform: CentOS
O/S Version: EL6
RSA Product/Service Type: Security Analytics Server
RSA Version/Condition: 10.3.x, 10.4.x
Platform: CentOS
O/S Version: EL6
Issue
When attempting to upgrade to a version that is not the newest release and inadvertently hitting the 'Synchronize' button, the RPMs from the current version are downloaded.
The yum check-update command lists the latest version updates, even though the download package for another version was manually downloaded in order to be applied to the appliances.
Example: The Updates repository in the Security Analytics UI shows all 10.3.4 RPM files, but when issuing the yum check-update command it shows 10.4 files.
A reset of the Security Analytics repository may also be necessary in version 10.4.x in special circumstances, such as to remove the 2014 Q4 Security Patch from the repository based on the SecurCare Online advisories entitled RSA Security Analytics Q4 Security Patch Issues and Updates for two issues identified with the Security Analytics Q4 2014 Security Patch.
CAUTION:
If upgrading from version 10.3.x to Security Analytics 10.4.0.2 or 10.4.1 and the Q4 2014 Security Patch has already been applied, the repository should NOT be recreated with the steps below.
If the repository has already been cleared, follow the instructions in the the article entitled How to upgrade to RSA Security Analytics 10.4.0.2 or 10.4.1 from 10.3.x when the Q4 2014 Security Patch is already installed to resolve the issue.
The yum check-update command lists the latest version updates, even though the download package for another version was manually downloaded in order to be applied to the appliances.
Example: The Updates repository in the Security Analytics UI shows all 10.3.4 RPM files, but when issuing the yum check-update command it shows 10.4 files.
A reset of the Security Analytics repository may also be necessary in version 10.4.x in special circumstances, such as to remove the 2014 Q4 Security Patch from the repository based on the SecurCare Online advisories entitled RSA Security Analytics Q4 Security Patch Issues and Updates for two issues identified with the Security Analytics Q4 2014 Security Patch.
CAUTION:
If upgrading from version 10.3.x to Security Analytics 10.4.0.2 or 10.4.1 and the Q4 2014 Security Patch has already been applied, the repository should NOT be recreated with the steps below.
If the repository has already been cleared, follow the instructions in the the article entitled How to upgrade to RSA Security Analytics 10.4.0.2 or 10.4.1 from 10.3.x when the Q4 2014 Security Patch is already installed to resolve the issue.
Task
This article provides instructions for resetting the Security Analytics repository.
Resolution
The steps below can be performed to reset the repository data on the RSA Security Analytics server.
If you are unsure of any of the steps above or experience any issues, contact RSA Support and quote this article number for further assistance.
- Disable auto-sync.
- In the Security Analytics UI, navigate to Administration -> System -> Updates and click on the Settings tab.
- Uncheck the Enable option for the smcupdate.emc.com repository and click the Apply button.
- Remove the Remote RPMs on the Security Analytics server.
- Connect to the Security Analytics server appliance via SSH as the root user.
- Navigate to the appropriate directory with the following command: cd /var/netwitness/srv/www/rsa/updates/RemoteRPMs
- Issue the following command to remove all files in the directory: rm -rf *
- Remove the user-uploaded RPMs on the Security Analytics server.
- Connect to the Security Analytics server appliance via SSH as the root user.
- Navigate to the appropriate directory with the following command: cd /var/netwitness/srv/www/rsa/updates/SAUserUploaded
- Issue the following command to remove all files in the directory: rm -rf *
- Recreate the repository.
- Navigate to the appropriate directory with the following command: cd /var/netwitness/srv/www/rsa/updates
- Issue the following command to create the repository in the current directory: createrepo .
- Click on the Settings tab, check the Enable option, and click the Apply button.
- In the Security Analytics UI, navigate to Administration -> System -> Updates and click on the Synchronize Now button to synchronize the repository with smcupdate.emc.com.
If you are unsure of any of the steps above or experience any issues, contact RSA Support and quote this article number for further assistance.
Notes
If upgrading to a Security Analytics 10.3 service pack and the yum utility must be used to perform the update as opposed to the Security Analytics UI, do not perform steps 5 and 6 in the above instructions,and instead follow the additional steps below.
- In the Security Analytics UI, navigate to Administration -> System -> Updates and click on the Manual Updates tab.
- Upload the correct zip file with the RPMs and click the Apply button to upload them.
- After a few minutes, return to the SSH session for the applicable appliance(s) and issue the yum clean all command.
- Issue the yum check-update command, at which point only the uploaded RPMs should be listed.
- The update can then be performed by issuing the command yum update -y on the appropriate appliance(s).
Tags (33)
- Appliance
- Broker
- Broker Appliance
- Core Appliance
- Customer Support Article
- Head Unit
- HeadUnit
- KB Article
- Knowledge Article
- Knowledge Base
- NetWitness
- NetWitness Appliance
- NetWitness Broker
- NetWitness Head Unit
- NetWitness Platform
- NetWitness Server
- NetWitness UI
- NW
- NW Appliance
- NwBroker
- RSA NetWitness
- RSA NetWitness Platform
- RSA NetWitness UI
- RSA Security Analytics
- RSA Security Analytics UI
- Security Analytics
- Security Analytics Server
- Security Analytics UI
- SIEM
- UI
- UI Server
- User Interface
- Web Interface
No ratings
