|Applies To||RSA Product Set: Security Analytics|
RSA Product/Service Type: SA Series 4S Security Analytics Appliance
Operating System: CentOS 6
|Issue||This KB outlines a process written for appliances running CentOS 6. The process is different for appliances running CentOS 7 and the KB, while generally helpful, requires different procedures which have not yet been posted. |
A Security Analytics Series 4S appliance has failed but all disk drives are fully functional and contain valid configuration information for the failed host.
This process assumes the SD Cards have been disabled in the appliance and are not in use.
It is possible to swap appliances if the SD Cards are in use but in that case please contact Support and open a case until a KB article for that process is posted.
Note that you may encounter exceptions to this flow and this document does not necessarily cover every set of circumstances you might encounter. If you encounter a problem and are unsure how to proceed please contact Support for guidance.
|Tasks||You can use these steps to complete the process of swapping the drives from an old appliance into a new appliance. |
Swapping the Hardware:
|Resolution||Verify the appliance is operational at the ssh prompt and at the Security Analytics WebUI.|
|Notes||Changing the /etc/udev/rules.d/70-persistent-net.rules File|
Make a backup of the file before making any changes in case you need to refer to the original configuration later. Copy or rename the /etc/udev/rules.d/70-persistent-net.rules to /etc/udev/rules.d/70-persistent-net.rules.bak
Either delete the etc/udev/rules.d/70-persistent-net.rules file after you back it up, or manually edit the /etc/udev/rules.d/70-persistent-net.rules file to delete the MAC addresses left over from the old appliance.
Once you delete old file or older lines save the file.
Reboot the server which will rebuild the 70-persistent-net.rules file with the new MAC addresses.
Be aware that the rebuilt file may name the interfaces as "eth0," "eth1," eth2," and "eth3" rather than "em1," "em2," em3," and "em4." You may need to edit the file after the initial reboot, changing the NAME value to the "em1," "em2," em3," and "em4" naming convention to match what is defined in the /etc/sysconfig/network-scripts/ifcfg-em# scripts. You should run the "start_udev" command after making this change.
The MAC addresses are highlighted in the sample file below.
Sample File: /etc/udev/rules.d/70-persistent-net.rules