Open topic with navigation

Upgrading ESM on an Appliance

This section describes how to upgrade ESM on an appliance.

Note: If you are upgrading ESM on an appliance that is part of a High Availability environment, see the Active Passive High Availability Module User's Guide for information about performing the upgrade.

Upgrading the Operating System on a B7600 (G9) or B7700 (G10) Appliance

ESM 7.5 supports B7600 (G9) and B7700 (G10) appliances running on RHEL 7.9.

If you are on ESM 7.2 on a G9 or G10 appliance that is running RHEL 7.7, you must upgrade the operating system to RHEL 7.8 and then to RHEL 7.9 before you upgrade to ESM 7.5.

Even if you previously upgraded the operating system to the supported version, Micro Focus recommends upgrading the operating system with each release, using the upgrade script for the current release. This upgrade script provides security and other important updates.

To upgrade from RHEL 7.7 to RHEL 7.8 on a B7600 (G9) or B7700 (G10) appliance:

  1. As user root, download the upgrade file:

    esm_osupgrade_rhel78_20201027091511.tar.gz

    Micro Focus provides a digital public key to enable you to verify that the signed software that you received is from Micro Focus and has not been manipulated by a third party. For more information and instructions, visit the Signature Verification page.

    To initiate license procurement, after you download the .tar file, follow the instructions in the Electronic Delivery Receipt that you receive in e-mail.

  2. From the directory where you downloaded the upgrade file, extract the file:

    /bin/tar zxvf esm_osupgrade_rhel78_20201027091511.tar.gz

  3. Change directory:

    cd esm-rhel78upgrade

  4. Run the following command:

    chmod 0700 osupgrade

  5. Run the following command to start the operating system upgrade and generate an upgrade log file:

    /osupgrade 2>&1 | tee osupgrade.log

    When the operating system upgrade completes, the system reboots and services restart. Verify that all services are available.

  6. Run the following command to verify the operating system version: 

    cat /etc/redhat-release

    The result should be Red Hat Enterprise Linux Server release 7.8.

To upgrade from RHEL 7.8 to RHEL 7.9 on a B7600 (G9) or B7700 (G10) appliance:

  1. As user root, download the upgrade file:

    esm_osupgrade_rhel79_20210421234330.tar.gz

    Micro Focus provides a digital public key to enable you to verify that the signed software that you received is from Micro Focus and has not been manipulated by a third party. For more information and instructions, visit the Signature Verification page.

    To initiate license procurement, after you download the .tar file, follow the instructions in the Electronic Delivery Receipt that you receive in e-mail.

  2. From the directory where you downloaded the upgrade file, extract the file:

    /bin/tar zxvf esm_osupgrade_rhel79_20210421234330.tar.gz

  3. Change directory:

    cd esm-rhel79upgrade

  4. Run the following command:

    chmod 0700 osupgrade

  5. Run the following command to start the operating system upgrade and generate an upgrade log file:

    /osupgrade 2>&1 | tee osupgrade.log

    When the operating system upgrade completes, the system reboots and services restart. Before you continue with the upgrade to ESM 7.5, verify that all services are available.

  6. Run the following command to verify the operating system version: 

    cat /etc/redhat-release

    The result should be Red Hat Enterprise Linux Server release 7.9.

Upgrading the Appliance to ESM 7.5

After you complete any required operating system upgrades, upgrade the appliance to ESM 7.5.

To upgrade the appliance:

  1. Log in as user arcsight.

  2. If you did not perform an operating system upgrade, download the appropriate operating system upgrade script for your appliance. The scripts include an entropy generator, rng-tools, that you will need to run if you encounter entropy errors during the upgrade. ESM requires high levels of operating system entropy for secure cryptography.

    If you are upgrading a B7500 (G8) appliance, download esm_osupgrade_rhel610_20201020145000.tar.gz.

    If you are upgrading a B7600 (G9) or B7700 (G10) appliance, download esm_osupgrade_rhel78_20201020002532.tar.gz.

  3. You can perform the remaining steps directly on the appliance or remotely using ssh. To use ssh, open a shell window:

    ssh root@<hostname>.<domain>
  4. Change to the directory where you downloaded the upgrade files.

  5. Untar the ArcSightESMSuite-7.5.0.xxxx.0.tar file:

    tar xvf ArcSightESMSuite-7.5.0.xxxx.0.tar

  6. As user root, remove services before running the upgrade:

    cd <untar_directory>/Tools
    ./stop_services.sh

  7. As user arcsight, run the upgrade:

    cd <untar directory>
    ./ArcSightESMSuite.bin -i console

    Before the upgrade process begins, the upgrade program checks that all upgrade requirements are met. If you encounter an error at this point, correct the error and run the upgrade again.

    The upgrade is done in silent mode and transfers configurations, upgrades the schema and content, and generates an upgrade report.

    Before the upgrade process begins, the existing software components will be backed up to the following locations:

    /opt/arcsight/manager.preUpgradeBackup

    /opt/arcsight/logger/BLxxxx

    Services are backed up to services.preUpgradeBackup. The suite is backed up to suite.preUpgradeBackup. System tables are exported to /opt/arcsight/manager/tmp/arcsight_dump_system_tables.sql.<timestamp>.

    Do not delete the backup files before the upgrade is complete and you verify that it was successful. You might need the backup files to recover the system in case of a failed upgrade.

    If you receive a Java (Manager) heap size error message, press Enter. You will need to change the Manager heap size to at least 16 GB after the upgrade. For information about changing the heap size, see Completing Pre-Upgrade Tasks.

    If the upgrade fails, check the /opt/arcsight/upgradelogs/suite_upgrade.log file to determine the point of failure. If your log file does not include the following line, correct the error that you find in the log file and run the upgrade again:

    Pre-upgrade tasks completed successfully.

    If the upgrade fails at any point after the pre-upgrade checks, contact Technical Support and send all files in /opt/arcsight/upgradelogs/.

  8. Review the information that is provided about overwriting customized content and choose whether to continue the upgrade.

    If you have customized content that you need to back up, see Backing Up Resources Before Upgrading.

  9. After the Manager upgrade completes, check the upgrade summary report in /opt/arcsight/manager/upgrade/out/<timestamp>/summary.html.

  10. After the upgrade is complete, as user root, run the following script to set up the ArcSight services:

    /opt/arcsight/manager/bin/setup_services.sh

After you run the script to set up the ArcSight services, verify that the upgrade was successful and then complete the applicable post-upgrade tasks. For more information, see Verifying Successful Upgrade and Completing Post-Upgrade Tasks.

After the upgrade completes, ESM starts a process in the background to build case histories into a database table. The case histories are used to display information in the ArcSight Platform. ESM continues to function normally while it builds the case histories. The time to complete building the case histories depends on the volume of cases in the system. To determine whether building of the case histories was successful, check /opt/arcsight/var/logs/misc/casehistorybuilder.log. While ESM is building the cases histories, do not shut down ESM. If you need to shut down the Manager before case history building is complete, after you restart the Manager, run /opt/arcsight/manager/bin/arcsight buildcasehistory to restart the process.

After you complete post-upgrade tasks, upgrade the ArcSight Console and Smart Connectors. For more information, see Upgrading the ArcSight Console and Smart Connectors.