|Applies To||RSA Product Set: NetWitness Logs and Packets, Security Analytics|
RSA Product/Service Type: Appliances and Virtual Machines
RSA Version/Condition: 10.4.X, 10.5.X, 10.6.X
Component: Puppet Agent, Puppet Master
O/S Version: 6
|Issue||Occasionally you need to change the puppet node_id, which uniquely identifies a host in a NetWitness Logs or Packets Server.|
This is a common activity if you are cloning a Virtual Log Collector (VLC) Virtual Machine (VM).
Warning: Exercise caution when performing this on a server that runs the puppet master service, as it will likely require re-establishing the puppet trust on all hosts managed by that puppet master.
|Resolution||1. Change the basic networking (hostname and IP, if necessary) and reboot the operating system.|
mv /var/lib/puppet/node_id /var/log/node_id.old.`date +"%Y%m%d_%H%M"`
This should output the new node_id to the screen and save it to /var/lib/puppet/node_id.
Use the following command to check that a new node_id was generated:
If this was not successful (file either doesn't exist or is empty) you can run the following:
echo "$new_node_id" | tr -d '\r\n' > /var/lib/puppet/node_id
Run the following to make sure puppet.conf is updated correctly:
sed -ri "s/^certname = [a-z0-9\-]+/certname = $new_node_id/" /etc/puppet/puppet.conf
3. Re-trust the service
For the puppet agent run the following:
puppet agent -t --waitforcert 10
Wait until you see the message:
Notice: Did not receive certificate
Navigate to Administration > Hosts, use the Discover button if necessary, and Enable the new host.
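
A consistency check that can be run after puppet.conf is updated and before the service is re-trusted, as an added example that is not part of the original article or of RSA's tooling. It confirms that the node_id file is non-empty, contains only the characters the sed pattern above expects, and matches every certname line in puppet.conf; the function name check_node_id and its return codes are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the article): verify node_id and certname agree.
# Default paths are the ones the article uses; pass other paths for testing.
# Usage on the host: check_node_id
LC_ALL=C; export LC_ALL   # keep the a-z range below ASCII-only

check_node_id() {
    node_id_file="${1:-/var/lib/puppet/node_id}"
    puppet_conf="${2:-/etc/puppet/puppet.conf}"

    # Return 1: the failure case the article names (file missing or empty).
    if [ ! -s "$node_id_file" ]; then
        echo "FAIL: $node_id_file is missing or empty" >&2
        return 1
    fi

    # Read the ID the same way the article writes it: without CR/LF.
    node_id=$(tr -d '\r\n' < "$node_id_file")

    # Return 2: anything outside the character class used in the sed command.
    case "$node_id" in
        ''|*[!a-z0-9-]*)
            echo "FAIL: node_id contains unexpected characters" >&2
            return 2 ;;
    esac

    # Collect every 'certname = <value>' line from puppet.conf.
    certnames=$(sed -En 's/^certname = ([^[:space:]]*).*$/\1/p' \
        "$puppet_conf" 2>/dev/null)

    # Return 3: no certname line, so the sed update had nothing to replace.
    if [ -z "$certnames" ]; then
        echo "FAIL: no 'certname = ' line in $puppet_conf" >&2
        return 3
    fi

    # Return 4: a certname still carries a different (for example cloned) ID.
    for c in $certnames; do
        if [ "$c" != "$node_id" ]; then
            echo "FAIL: certname '$c' does not match node_id '$node_id'" >&2
            return 4
        fi
    done

    echo "OK: node_id and certname are both '$node_id'"
    return 0
}
```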