Upgrading your OS to RHEL 8.x

We provide the instructions below in an effort to keep ahead of the RHEL 7.9 EOL, which took effect this year. Since the hardware and OS where Logger Software form is installed is managed by your company, it's up to your own discretion and risk to perform the OS upgrade using the steps provided below.

  1. Create a Logger configuration backup, refer to the Logger 7.3 Administrator’s Guide for instructions.

  2. Stop the Logger services and keep them from restarting during the multiple reboots that the OS upgrade will entail.

    These commands can only be executed with a root user

    • To stop the Logger services:

      <install_dir>/current/arcsight/logger/bin/loggerd stop

    • To check that all services have stopped:

      <install_dir>/current/arcsight/logger/bin/loggerd status

    • To disable the services from restarting after a reboot:

      systemctl disable arcsight_logger

  3. Follow the Red hat documentation instructions to perform your OS upgrade from RHEL 7.9 to RHEL 8.x.

    During the OS upgrade, you will get a chance to choose which version of RHEL you want to end up on. Make sure to check the supported platforms for your Logger and choose the correct one:

  4. Execute the post-upgrade verifications to make sure the RHEL 8.x system has reached the required state after the in-place upgrade.

    The verification can only be performed once the upgrade has finished successfully, and you're able to log into RHEL 8.x.

    • Check the current OS version:

      # cat /etc/redhat-release

      Example output:

      Red Hat Enterprise Linux release 8.6 (Ootpa)

    • Check the OS kernel version:

      # uname -r

      Example output:

      4.18.0-372.32.1.el8_6.x86_64

  5. (Optional - for root installations only) Reestablish the permissions with the following command:

    # /opt/arcsight/logger/current/arcsight/logger/bin/scripts/logger_fix_perms_sw.sh /opt/arcsight/logger/

    Example output:

    Succesfully tightened permissions for logger module.
Succesfully tightened permissions for conapp module.
Succesfully tightened permissions for conapp module.
Succesfully tightened permissions.

  6. After the OS upgrade, validate the presence of the packages in the following table. Use the command in the Verification command column for each package.

    If all packages are installed, you already comply with this requirement.

    If any of the packages are missing, proceed to install them by using the command in the Installation command column. Once the installation of all the packages is finished, proceed to the next step.

    Package Verification command Installation command
    libnsl 
    rpm -qa | grep libnsl
    		 
    yum install libnsl
    rng-tools 
    rpm -qa | grep rng-tools
    		 
    yum install -y rng-tools
    compat-openssl10 
    rpm -qa | grep compat-openssl10
    		 
    yum install -y compat-openssl10
    If the yum command does not work for you, download the package using your third party repository
    ncurses-compat-libs 
    rpm -qa | grep ncurses-compat-libs
    		 
    yum install -y ncurses-compat-libs
    If the yum command does not work for you, download the package using your third party repository
    lsof 
    rpm -qa | grep lsof
    		 
    yum install -y lsof
    perl 
    rpm -qa | grep perl
    		 
    yum install -y perl
    zip 
    rpm -qa | grep zip
    		 
    yum install -y zip

  7. Enable the rngd.service with the following commands:

    To see the status of the rngd.service run:

    systemctl status rngd

    Run the commands to start or enable the service:

    systemctl start rngd.service
systemctl enable rngd.service

  8. Add the TCP OS configuration properties using the following steps:

    1. Edit the system file by executing this command:

      vi /etc/sysctl.conf

      Next, press Shift + G to reach the end of file.

    2. Add or modify the following timeout properties and their recommended values:

      net.ipv4.tcp_fin_timeout = 30
net.ipv4.tcp_keepalive_time = 60
net.ipv4.tcp_keepalive_intvl = 2
net.ipv4.tcp_keepalive_probes = 2

    3. Exit and save:

      (wq!)

    4. Apply the changes by running the command

      sysctl -p

  9. Look for the 20-nproc.conf file, and make sure you have the right credentials to edit it:

    # cd /etc/security/limits.d/
# ls -al

    If the file is not listed, but you do have a 20-nproc.conf.rpmsave file, rename it with this command:

    mv 20-nproc.conf.rpmsave 20-nproc.conf

  10. Reboot the machine.

  11. Execute the ulimit command again to verify the values for open files and max user processes.

    # ulimit -a

    Look for the open files and max user processes values in the list. They should be (-n) 65536 for open files and (-u) 10240 for max user processes.

  12. Delete the libcrypt.so.1 file:

    # cd /opt/arcsight/logger/current/local/lib/
# rm libcrypt.so.1

  13. Re-enable Logger to restart the services on its own with the following commands:

    • To enable the services again:

      systemctl enable arcsight_logger

    • To restart the services the first time:

      <install_dir>/current/arcsight/logger/bin/loggerd start all

    The next machine reboot would see the Logger services restarting on their own.