Prerequisites

When upgrading to Logger 7.3 version, the event flow will be automatically stopped.

Be sure that you meet these prerequisites before upgrading Logger:

Create a Logger configuration backup, refer to the Logger 7.3 Administrator’s Guide for instructions.

Remote OS upgrade is not supported for Logger Software form. Instead, manually upgrade your Operating System (OS) to a supported version before upgrading Logger. The latest OS distribution fixes additional security vulnerabilities.

If your system is running on RHEL 7.X, upgrade to the latest version of 7.9. See Upgrading your OS to RHEL 9.x for more instructions on upgrading your OS.

Before upgrading to Logger 7.3.0 patch 6, you must connect through SSH to the Logger console to validate the presence of the packages in the following table. Use the command in the Verification command column for each package.

If all packages are already installed, you already comply with the requirements and can proceed with the Logger upgrade (make sure to check the rest of the prerequisites in this list).

If any of the packages are missing, proceed to install them by using the command in the Installation command column. Once the installation of all the packages is finished, restart the Logger processes and proceed with the upgrade (make sure to check the rest of the prerequisites in this list).

Package	Verification command	Installation command
libnsl	rpm -qa \| grep libnsl	yum install libnsl
rng-tools	rpm -qa \| grep rng-tools	yum install -y rng-tools
compat-openssl10	rpm -qa \| grep compat-openssl10	yum install -y compat-openssl10 If the yum command does not work for you, download the package using your third party repository
ncurses-compat-libs	rpm -qa \| grep ncurses-compat-libs	yum install -y ncurses-compat-libs If the yum command does not work for you, download the package using your third party repository
lsof	rpm -qa \| grep lsof	yum install -y lsof
perl	rpm -qa \| grep perl	yum install -y perl
zip	rpm -qa \| grep zip	yum install -y zip

Before installing or upgrading Logger in Linux, you must modify four TCP properties of the OS environment as described in Configuring TCP keepalive parameters for Linux OS.
Enable the rngd.service with the following commands:

To see the status of the rngd.service run:
```
systemctl status rngd
```
Run the commands to start or enable the service:
```
systemctl start rngd.service
```
```
systemctl enable rngd.service
```
If not already done on the system, perform the following procedures:
- Increase the user process limit on the Logger’s OS. (This is not required for a VMWare VM installation). For more information, see Increasing the User Process Limit.
- If you are on RHEL 7.X , modify the login configuration file. For more information, see Editing the logind Configuration File for RHEL 7.X.

A non-root user account must exist on the system in which you are installing Logger. The installer will ask you to provide one, even if you install as root. The user id and its primary group id should be the same for this account. The UID for the non-root user should be 1500 and the GID should be 750. For example, to create the non-root user, run these commands as root:

groupadd –g 750 arcsight
useradd –m –g arcsight –u 1500 arcsight

These commands create a non-root user named arcsight that will work with a Logger software installation.

For local or remote software upgrades, download the files described in Verifying Your Upgrade Files, and follow the instructions to verify the signature. The files must be downloaded into a computer from which you connect to the Logger UI.

Increasing the User Process Limit

Before installing or upgrading Logger, you must increase the default user process limit while logged in as user root. This ensures that the system has adequate processing capacity.

This change is only necessary when installing Logger Software form on your own Linux system. It has already been done for Logger on VMWare VM.

To increase the default user process limit:

Open the file /etc/security/limits.d/<NN>-nproc.conf.
Where <NN> is 20 for RHEL 7.X and 8.6, and Rocky Linux 8.6.
- If you do not already have a /etc/security/limits.d/<NN>-nproc.conf file, create one (and the limits.d directory, if necessary).
- If the file already exists, delete all entries in the file.
Add the following lines:
```
* soft nproc 10240
* hard nproc 10240
* soft nofile 65536
* hard nofile 65536
```
Be sure to include the asterisk (*) in the new entries. It is important that you add all of the entries exactly as specified. Any omissions can cause system run time errors.
Reboot the machine.
Run the following command to verify the new settings:
```
ulimit -a
```
Verify that the output shows the following values for “open files” and “max user processes”:
```
open files		65536
max user processes 	10240
```

Editing the logind Configuration File for RHEL 7.X

Before installing or upgrading Logger on Red Hat Enterprise Linux (RHEL) 7.X, you must modify the inter-process communication (IPC) setting of the logind.conf file.

To modify the logind.conf file for RHEL 7.X:

Navigate to the /etc/systemd directory, and open the logind.conf file for editing.
Make sure the RemoveIPC line is active and set to no. Remove the # (if it appears).
The correct entry is: RemoveIPC=no
Save the file.
From the /etc/systemd directory, enter the following command to restart the systemd-logind service and put the change into effect:
```
systemctl restart systemd-logind.service
```