You must run the pre-upgrade checks before you upgrade to NetWitness 12.3.0.0 to identify any issues that may result in upgrade failure.
To run the pre-upgrade checks, perform the following:
-
Log in to Admin console.
-
Run the following command:
nw-precheck-tool upgrade-checklist
The pre-upgrade checks verifies the following:
Upgrade Checklist
-
(Component Hosts) Node X NW Service Status - Verifies the status of services (Active or In Active) on all the Node X.
-
(Component Hosts) Node X Certificates Check - Checks the certificate expiry, missing, corrupted, and issuer mismatch in all categories of Node X.
-
Nodes CPU-Memory Info - Provides CPU and Memory details of all the nodes along with the real-time available memory.
-
(Admin Server) Node 0 File System Utilization - Verifies the disk partition utilization of /var/netwitness/mongo, /var/netwitness, and root on Node 0.
-
(Component Hosts) Node X File System Utilization - Verifies the disk partition utilization of /var/netwitness/mongo, /var/netwitness, and root for ESA Primary and Endpoint Log Hybrid services on Node X.
-
Mongo File (ESAPrimary) - Checks the ESA Primary node in the system or stack and verifies the permission mode of Mongo file.
-
Orchestration Server Normal Mode - Checks if the orchestration service is running in normal or safe mode.
-
(Admin Server) Node 0 Init status - Checks if there are any issues that might fail init process.
-
Fips Mode Check - Checks to ensure that the Fips mode is disabled (set to false) before and after upgrade.
-
Node-X RPM DB Index Check - Checks for the status of RPM DB on Node-X to make sure it is not corrupted.
-
Node-Z Yum Proxy Check - Checks for the existence of yum.conf file and availability of proxy within the file on Node -Z.
-
Node-X Yum Proxy Check - Checks for the existence of yum.conf file and availability of proxy within the file on Node -X.
-
Host Info Check Probe - Checks if the required fields of information of all the hosts in the system (Host IP, Hostname, Installed Services, and Raw Version) are available.
-
Node-Z Cipher Check Probe - Checks if the required ciphers are available in the location /etc/rabbitmq/rabbitmq.config on Node-0.
-
Node-X Cipher Check Probe - Checks if the required ciphers are available in the location /etc/rabbitmq/rabbitmq.config on all Node-X.
-
Node-X Hardware Version Check Probe - Checks for the hardware version of all reachable Node-X.
-
Node-Z Hardware Version Check Probe - Checks for the hardware version of the Admin server.
-
PuppetCA Probe - Checks if the stale puppet CA certificates are present in the location /etc/pki/nw/trust/truststore.pem.
-
AdminCertCheck Probe - Verifies if the admin-certs across all the nodes are the same as the admin-certs on the Admin Server.
-
NTP Probe - Checks all the nodes to ensure they are in sync with the NTP server.
-
StaleCerts Probe - Checks the mongo and warns if there are any unused stale certificates in it.
-
NodeCertIDCheck Probe - Checks the subject field of the node-cert and ensures that it is the same as the node-ID of the host.
Network Checklist
Certificate Checklist
-
Node 0 Service Certificates - Checks the validity of service certificates in the location /etc/pki/nw/service/ on Node-0.
-
Node X Service Certificates - Checks the validity of service certificates in the location /etc/pki/nw/service/ on Node-X.
-
Node Certificates on Node-0 - Checks the validity of node certificates in the location /etc/pki/nw/service on Node-0.
-
Root CA Certificates - Checks the validity of Root CA certificates in the location /etc/pki/nw/ca.