You must redeploy; that is, uninstall and reinstall the Elasticsearch security plug-in in the Elasticsearch node included in Sentinel and external Elasticsearch nodes in the following scenarios:
Adding or modifying remote Collector Manager IP addresses.
Uninstalling remote Collector Managers.
To redeploy Elasticsearch security plug-in:
Log in to the Sentinel server or Elasticsearch node as the user which Elasticsearch is running as.
Uninstall the plug-in using the following command:
For Elasticsearch included in Sentinel: <Sentinel_installation_path>/opt/novell/sentinel/3rdparty/elasticsearch/bin/elasticsearch-plugin remove elasticsearch-security-plugin
For external Elasticsearch: <elasticsearch_install_directory>/bin/elasticsearch-plugin remove elasticsearch-security-plugin
Reinstall the plug-in:
For Elasticsearch included in Sentinel: <sentinel_installation_path>/opt/novell/sentinel/3rdparty/elasticsearch/bin/elasticsearch-plugin install file://localhost/<Sentinel_installation_path>/etc/opt/novell/sentinel/scalablestore/elasticsearch-security-plugin*.zip --verbose
For external Elasticsearch: <elasticsearch_install_directory>/bin/elasticsearch-plugin install file://localhost/<full path of elasticsearch-security-plugin*.zip file copied from the Sentinel machine> --verbose
Restart Elasticsearch using the following command:
For the Elasticsearch node included in Sentinel:
rcsentinel stopES rcsentinel startES
For external Elasticsearch nodes:
sudo systemctl restart elasticsearch.service