This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Platform Online Documentation
Browse the official NetWitness Platform Online documentation for helpful tutorials, step-by-step instructions, and other valuable resources.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Versions
Collections
All Downloads

Product Resources

Pre Upgrade Checks for 12.3

You must run the pre-upgrade checks before you upgrade to NetWitness 12.3.0.0 to identify any issues that may result in upgrade failure.

To run the pre-upgrade checks, perform the following:

  1. Log in to Admin console.

  2. Run the following command:
    nw-precheck-tool upgrade-checklist

    The pre-upgrade checks verifies the following:

    Upgrade Checklist

  • Security Client File Check - Ensures security-client-amqp.yml file is not present.

  • Node-0 NW Service-id Status - Ensures all the service-id is intact with all the different services in Node 0.

  • Broker Service Trustpeer Symlink - Ensures Broker symlink file (/etc/netwitness/ng/broker/trustpeers/) is not broken.

  • Node-0 NW Services Status - Checks the status of all the services in Node 0.

  • Yum External Repo Check - Ensures external repos are not available and not enabled.

  • Node-0 RPM DB Index Check - Checks if the RPM DB is corrupted or not.

  • Salt Master Communication - Verifies the salt communication from Node 0 to all the Nodes.

  • Node-0 Certificates Check - Checks if any certificates are missing, expired, or invalid issuer type.

  • Mongo Authentication - Validates the deploy_admin credentials fetched from security-cli-client using Mongo client.

  • Rabbitmq Authentication - Validates the deploy_admin credentials fetched from security-cli-client using RabbitMQ.

  • (Component Hosts) Node X NW Service Status - Verifies the status of services (Active or In Active) on all the Node X.

  • (Component Hosts) Node X Certificates Check - Checks the certificate expiry, missing, corrupted, and issuer mismatch in all categories of Node X.

  • Nodes CPU-Memory Info - Provides CPU and Memory details of all the nodes along with the real-time available memory.

  • (Admin Server) Node 0 File System Utilization - Verifies the disk partition utilization of /var/netwitness/mongo, /var/netwitness, and root on Node 0.

  • (Component Hosts) Node X File System Utilization - Verifies the disk partition utilization of /var/netwitness/mongo, /var/netwitness, and root for ESA Primary and Endpoint Log Hybrid services on Node X.

  • Mongo File (ESAPrimary) - Checks the ESA Primary node in the system or stack and verifies the permission mode of Mongo file.

  • Orchestration Server Normal Mode - Checks if the orchestration service is running in normal or safe mode.

  • (Admin Server) Node 0 Init status - Checks if there are any issues that might fail init process.

  • Fips Mode Check - Checks to ensure that the Fips mode is disabled (set to false) before and after upgrade.

  • Node-X RPM DB Index Check - Checks for the status of RPM DB on Node-X to make sure it is not corrupted.

  • Node-Z Yum Proxy Check - Checks for the existence of yum.conf file and availability of proxy within the file on Node -Z.

  • Node-X Yum Proxy Check - Checks for the existence of yum.conf file and availability of proxy within the file on Node -X.

  • Host Info Check Probe - Checks if the required fields of information of all the hosts in the system (Host IP, Hostname, Installed Services, and Raw Version) are available.

  • Node-Z Cipher Check Probe - Checks if the required ciphers are available in the location /etc/rabbitmq/rabbitmq.config on Node-0.

  • Node-X Cipher Check Probe - Checks if the required ciphers are available in the location /etc/rabbitmq/rabbitmq.config on all Node-X.

  • Node-X Hardware Version Check Probe - Checks for the hardware version of all reachable Node-X.

  • Node-Z Hardware Version Check Probe - Checks for the hardware version of the Admin server.

  • PuppetCA Probe - Checks if the stale puppet CA certificates are present in the location /etc/pki/nw/trust/truststore.pem.

  • AdminCertCheck Probe - Verifies if the admin-certs across all the nodes are the same as the admin-certs on the Admin Server.

  • NTP Probe - Checks all the nodes to ensure they are in sync with the NTP server.

  • StaleCerts Probe - Checks the mongo and warns if there are any unused stale certificates in it.

  • NodeCertIDCheck Probe - Checks the subject field of the node-cert and ensures that it is the same as the node-ID of the host.

Network Checklist

  • (Admin Server) Node 0 closed ports - Checks if the service ports required for NetWitness services are open and listening on Node 0.

  • (Component Hosts) Node X closed ports - Checks if the service ports required for NetWitness services are open and listening on Node X.

Certificate Checklist

  • Node 0 Service Certificates - Checks the validity of service certificates in the location /etc/pki/nw/service/ on Node-0.

  • Node X Service Certificates - Checks the validity of service certificates in the location /etc/pki/nw/service/ on Node-X.

  • Node Certificates on Node-0 - Checks the validity of node certificates in the location /etc/pki/nw/service on Node-0.

  • Root CA Certificates - Checks the validity of Root CA certificates in the location /etc/pki/nw/ca.

Was this article helpful? Yes No
0% helpful (0/1)

On this page

© 2022 RSA Security LLC or its affiliates. All rights reserved.