Host GS: Troubleshooting Version Installations and Updates

Document created by RSA Information Design and Development on Nov 7, 2017Last modified by RSA Product Team on Nov 6, 2019
Version 12Show Document
  • View in full screen mode

This section describes the error messages displayed in the Hosts view when it encounters problems updating host versions and installing services on hosts in the Hosts view. If you cannot resolve an update or installation issue using the following troubleshooting solutions, contact Customer Support (https://community.rsa.com/docs/DOC-1294).

Troubleshooting instructions for the following errors are described in this section.

deploy_admin User Password Has Expired Error

Error Message

CauseThe deploy_admin user password has expired.
Solution

Reset your deploy_admin password password.

  1. In the NetWitness Suite menu, select ADMIN > Security > Users tab.
  2. Select the deploy_admin and click Reset Password.
    • If NetWitness Suite allows you to enter the expired deploy_admin password in the Reset Password dialog, complete the following steps.
      1. Enter the expired deploy_admin password.
      2. Uncheck the Force password change on next login checkbox.
      3. Click Save
    • If NetWitness Suite does not allow you to enter the expired deploy_admin password in the Reset Password dialog.
      1. On the NW Server host and all other hosts on 11.x , run the following command using the new deploy_admin password.
        /opt/rsa/saTools/bin/set-deploy-admin-password
      2. On the host that failed installation/orchestration, run the nwsetup-tui and use the new deploy_admin password.

Downloading Error

Error Message

ProblemWhen you select an update version and click Update >Update Host, the download starts but fails to complete.
CauseVersion download files can be large and take a long time to download. If there are communication issues during the download it will fail.
Solution
  1. Try to download it again.
  2. If the download still fails, try to download it outside of NetWitness Suite as described in Apply Updates from the Command Line (No Web Access).
  3. If you still cannot download the update file, contact Customer Support (https://community.rsa.com/docs/DOC-1294).

Error Deploying Version <version-number> Missing Update Packages

Error Message

Problem

Error deploying version <version-number> is displayed in the Initialize Update Package for RSA NetWitness Platform dialog after you click on Initialize Update if the update package is corrupted.

Solution
  1. Click Close to close the dialog.

  2. Recopy the update package zip file to the staging folder.
  3. In the Hosts view toolbar, select Check for Updates again.

  4. Click Initialize Update.
  5. Click Update > Update Hosts from the toolbar.
  6. Click Begin Update from the Update Available dialog.
    After the host is updated, it prompts you to reboot the host.
  7. Click Reboot from the toolbar.

External Repo Update Error

Error Message

Received an error similar to the following error when trying to update to a new version from the :
.Repository 'nw-rsa-base': Error parsing config: Error parsing "baseurl = 'https://nw-node-zero/nwrpmrepo /<version-number>/RSA'": URL must be http, ftp, file or https not ""

CauseThere is an error the path you specified.
Solution

Make sure that:

  • the URL does exist on the NW Server host.
  • you used the correct path and remove any spaces from it.

Host Installation Failed Error

Error Message

ProblemWhen you select a host and click Install the install service process fails.
Solution
  1. Try to install the service again.
    Often this is all you need to do.
  2. If you still cannot install the service:
    1. Monitor the following logs on NW Server as it progresses (for example, submit the tail -f command string from the command line'):
      /var/netwitness/uax/logs/sa.log
      /var/log/netwitness/orchestration-server/orchestration-server.log
      /var/log/netwitness/deployment-upgrade/chef-solo.log
      /var/log/netwitness/config-management/chef-solo.log

      /var/lib/netwitness/config-management/cache/chef-stacktrace.out
      The error appears in one or more of these logs.
    2. Try to resolve the issue and reinstall the service.
      • Cause 1 - Entered the wrong deploy_admin password in the nwsetup-tui.
        Solution - Retrieve your deploy_admin password.
        Complete the following steps to resolve Cause 1.
        1. In the NetWitness Suite menu, select ADMIN > Security > Users tab.
        2. Select the deploy_admin and click Reset Password.
        3. (Conitional) If NetWitness Suite does not allow you to expired deploy_admin password in the Reset Password dialog, complete the following steps.
          1. SSH to the NW Server host.
            security-cli-client --get-config-prop --prop-hierarchy
            nw.security-client --prop-name platform.deployment.password –quiet

          2. SSH to the host that failed installation/orchestration.

          3. Run the nwsetup-tui again using correct deploy_admin password.

        • Cause 2 -The deploy_admin password has expired.
          Complete the following step to resolve Cause 2.
          1. In the NetWitness Suite menu, select ADMIN > Security > Users tab.
          2. Select the deploy_admin and click Reset Password.
          3. (Conditional) If NetWitness Suite allows you enter the expired deploy_admin password in the Reset Password dialog, complete the following steps.
            1. Enter the expired deploy_admin password.
            2. Uncheck the Force password change on next login checkbox.

            3. Click Save.
          4. (Conditional) If NetWitness Suite does not allow you to enter the expired deploy_admin password in the Reset Password dialog, complete the following steps.
            1. Reset deploy_admin to use a new password.

            2. On all the NW Server host and all other hosts on 11.x, run the following command using the new deploy_admin password.
              /opt/rsa/saTools/bin/set-deploy-admin-password
            3. On the host that failed installation/orchestration, run the nwsetup-tui and use the new deploy_admin password.

  1. If you still cannot apply the update, gather the logs from step 2 and contact Customer Support (https://community.rsa.com/docs/DOC-1294).

Host Update Failed Error

Error Message


ProblemWhen you select an update version and click Update > Update Host, the download process is successful, but the update process fails.
Solution
  1. Try to apply the version update to the host again.
    Often this is all you need to do.
  2. If you still cannot apply the new version update:
    1. Monitor the following logs on NW Server as it progresses (for example, run the tail -f command from the command line):
      /var/netwitness/uax/logs/sa.log
      /var/log/netwitness/orchestration-server/orchestration-server.log
      /var/log/netwitness/deployment-upgrade/chef-solo.log
      /var/log/netwitness/config-management/chef-solo.log

      /var/lib/netwitness/config-management/cache/chef-stacktrace.out
      The error appears in one or more of these logs.
    2. Try to resolve the issue and reapply the version update.
      • Cause 1 - deploy_admin password has expired.
        Solution - Reset your deploy_admin password .
        Complete the following steps to resolve Cause 1.
        1. In the NetWitness Suite menu, select ADMIN > Security > Users tab.
        2. Select the deploy_admin and click Reset Password.
        3. (Conitional) If NetWitness Suite does not allow you to expired deploy_admin password in the Reset Password dialog, complete the following steps.
          1. Reset deploy_admin to use a new password.
          2. On all non-NW Server hosts on 11.x , run the following command using the matching deploy_admin password from NW Server host.
            /opt/rsa/saTools/bin/set-deploy-admin-password
        • Cause 2 -The deploy_admin password was changed on NW Server host but not changed on non-NW Server hosts.
          Complete the following step to resolve Cause 2.
          •  On all non-NW Server hosts on 11.x , run the following command using the matching deploy_admin password from NW Server host.
            /opt/rsa/saTools/bin/set-deploy-admin-password
  1. If you still cannot apply the update, gather the logs from step 2 and contact Customer Support (https://community.rsa.com/docs/DOC-1294).

Missing Update Packages Error

Error Message

ProblemMissing the following update package(s) is displayed in the Initialize Update Package for RSA NetWitness Platform dialog when you are updating a host from the Hosts view offline and there are packages missing in the staging folder.
Solution
  1. Click Download Packages from RSA Link in the Initialize Update Package for RSA NetWitness Platform dialog.
    The RSA Link page that contains the update files for the selected version is displayed.

  2. Select missing packages from staging folder (for example, 11.4.0.0, 11.4.0.1, and 11.4.1.0).

    The Initialize Update Package for RSA NetWitness Platform dialog is displayed telling you that it is ready to initialize the update packages.

OpenSSL 1.1x Error

Error Message

The following example illustrates an ssh error that can occur when the ssh client is run from a host with OpenSSL 1.1.x installed: 
$ ssh root@10.1.2.3
ssh_dispatch_run_fatal: Connection to 10.1.2.3 port 22: message authentication code incorrect

ProblemAdvanced users who want to ssh to a NetWitness Platform host from a client that is using OpenSSL 1.1.x encounter this error because of incompatibility between CENTOS 7.x and OpenSSL 1.1.x. For example:
$ rpm -q openssl
openssl-1.1.1-8.el8.x86_64
Solution

Specify the compatible cipher list on the command line. For example:
$ ssh -oCiphers=aes128-ctr,aes192-ctr,aes256-ctr root@10.1.2.3
I've read &amp; consent to terms in IS user agreement.
root@10.1.2.3's password:
Last login: Mon Oct 21 19:03:23 2019

Patch Update to Non-NW Server Error

Error Message

The /var/log/netwitness/orchestration-server/orchestration-server.log has an error similar to the following error: 
API|Failure /rsa/orchestration/task/update-config-management [counter=10 reason=IllegalArgumentException::Version '11.x.x.n' is not supported

ProblemAfter you update the NW Server host to a version, you must update all non-NW Server hosts to the same version. For example, if you update the NW Server from 11.3.0.0 to 11.3.1.0 , the only update path for the non-NW Server hosts is the same version (that is, 11.3.1.0). If you try to update any non-NW Server host to a different version (for example, from 11.3.0.0 to an 11.3.0.1 you will get this error.
Solution

You have two options:

  • Update the non-NW Server host to 11.3.1.0, or
  • Do not update the non-NW Server host (keep it at its current version)

Reboot Host After Update from Command Line Error

Error Message

You receive a message in the User Interface to reboot the host after you update and reboot the host offline.

CauseYou cannot use CLI to reboot the host. You must use the User Interface.
Solution

Reboot the host in the Host View in the User Interface.

 

You are here

Table of Contents > Troubleshooting Version Installations and Updates

Attachments

    Outcomes