000034584 - How to completely remove RSA Web Threat Detection 6.1 from a host

Document created by RSA Customer Support Employee on Dec 23, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000034584
Applies ToRSA Product Set: Web Threat Detection
RSA Version/Condition: 6.1
IssueThe intent of this article is to completely remove WTD from your host.
Please DO NOT apply the steps of this article to a  production environment without assistance from RSA Professional Services or for any assistance in implementing, migrating or updating your production WTD environment.
  1. Login to Scout and stop the services in the following order :
    - UIServer
    - SilverCat
    - SiteProxy
    - AnnoDB
    - ScoutProxy
    - Scout

  2. Install yum-plugin to remove WTD dependencies.
    yum install yum-plugin-remove-with-leaves

  3. Run Yum to list all the WTD  packets installed.
    sudo yum list | egrep -i "rsa|wtd|cassandra"
    cassandra12.noarch                          1.2.13-1                    @/cassandra12-1.2.13-1.noarch
    rsa-wtd-enterprise.x86_64                      @/rsa-wtd-enterprise-
    rsa-wtd-preinstall.x86_64                @/rsa-wtd-preinstall-

  4. Uninstall WTD packets.
    sudo yum remove rsa-wtd-enterprise.x86_64 --remove-leaves
    sudo yum remove cassandra12.noarch --remove-leaves
    sudo yum remove rsa-wtd-preinstall.x86_64 --remove-leaves

  5. Remove the silvertail directory.
    rm -Rf /var/opt/silvertail/

  6. Remove the rsawtd user and home directory.
    userdel -r -f rsawtd

    NotesFor more details please refer to the attached video.