000029815 - How to upgrade to RSA Security Analytics or 10.4.1 from 10.3.x when the Q4 2014 Security Patch is already installed

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 14, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000029815
Applies ToRSA Product Set: Security Analytics
RSA Version/Condition: 10.3.x,, 10.4.1
Platform: CentOS
IssueIf the Security Analytics Q4 2014 Security Patch has already been applied to a Security Analytics 10.3.x environment, attempting to upgrade to version or 10.4.1 will result in package dependency errors.
CauseThis issue occurs because the the Q4 2014 Security Patch is no longer present in the SMCupdate repository.
If the local repository has also been cleared, then the dependency packages will not exist during the upgrade and errors will occur.
ResolutionIn order to resolve the issue and successfully upgrade to version or 10.4.1, follow the steps below.
  1. Download the Security Analytics Q4 2014 Security Update (file name q4bundle14.tgz) from the RSA SecurCare Online portal.
  2. Rename the downloaded file from q4bundle14.tgz to q4bundle14.zip.
  3. Upload the Q4 2014 Security Patch to the local Security Analytics server repository.
    1. In the Security Analytics UI, navigate to Administration -> System -> Updates and click on the Manual Updates tab.
    2. Click on the Upload Files button and then click on the Add ( + ) button to browse for and select the q4bundle14.zip file.  Click the Upload button.
        User-added image
    3. Select all uploaded files and click on the Apply button.
  4. Download the Security Analytics version or 10.4.1 update archive from RSA Download Central or RSA SecurCare Online respectively.  
       NOTE:  The latest Security Analytics release can also be obtained using the SMCupdate feature within the Security Analytics UI.
  5. If the update archive is manually downloaded, upload the file to the local Security Analytics server repository following the same method in Step 2.
  6. Verify that the netwitness.repo is enabled on the Security Analytics server appliance so that it can also receive the updated packages.

       Enabling the netwitness.repo on the Security Analytics server:
    1. Connect to the Security Analytics server appliance via SSH as the root user.
    2. Navigate to the /etc/yum.repos.d directory with the following command:  cd /etc/yum.repos.d
    3. Edit the netwitness.repo file in the vi editor with the following command:  vi netwitness.repo
    4. Verify that the fourth line says enabled = 1 and modify it as necessary.
    5. Save the changes by hitting the escape key followed by :wq! and then hit enter.
  7. Follow the instructions in the appropriate Upgrade Instructions documentation to upgrade to version or 10.4.1.
If you are unsure of any of the steps above or experience any issues, contact RSA Support and quote this article number for further assistance.