Using an scp utility (e.g. Winscp, scp, pscp etc.), transfer the script to your NetWitness host's /root directory.
PLEASE COPY THIS FILE TO YOUR APPLIANCE USING SCP RATHER THAN USING A WINDOWS TEXT EDITOR, AS SOME WINDOWS TEXT EDITORS DO NOT HANDLE UNIX LF'S CORRECTLY, THUS UNEXPECTED RESULTS COULD OCCUR.
To display help for the script, execute "./nwtech.sh -h".
Change permissions on the file to make it executable by running from an ssh session "chmod +x nwtech.sh"
Execute the script by running "./nwtech.sh -p" or "./nwtech.sh username password". The "-p" option will prompt you for username and password. Providing the credentials on the command line is less secure but if your password contains certain special characters you may have to run the script this way and enclose the password in 'single quotes'. The correct credentials for your appliance services, i.e. the Decoder, Concentrator, or Broker credentials you would enter in Administrator, and not your operating system credentials, i.e. not what you use to login via SSH. Unless -i is selected, the script may terminate if a service login failure occurs.
Note: The script will generate an output file called 'nwtech-<dateandtime>.tar.bz2' - the complete filename will be listed at the end of the script's output.
Usage: ./nwtech.sh username password [-s] [-ss] [-i] [-a] [-k] [-b] [-e]
Usage: ./nwtech.sh -p [-s] [-ss] [-i] [-a] [-k] [-b] [-e]
Usage: ./nwtech.sh -d [-k] [-b] [-e]
* Passwords supplied from command line containing certain special characters like # may need to be placed within 'single quotes' e.g. 'pass#word'
* It may also be necessary to upgrade to at least NextGen 184.108.40.206/220.127.116.11 due to a defect in handling passwords containing special characters.
* Special characters include: " # $ & ( ) * ' \ ` ~
* Passwords may not contain certain characters such as space & -
* There is a 17 character password limit.
-p Prompt for service credentials separately instead of entering username & password via command line. This MUST be specified as the first parameter.
-d Only run disk commands. Do nothing else. This MUST be specified as the first parameter. Do not enter a username and password on the command line.
-s Login to services using SSL. Use this option if your services have SSL enabled.
-ss Prompt for SSL separately for each service. Use this if not all services have SSL enabled.
-n If NetWitness 11.x, don't include sosreport.
-i Ignore failed login attempts and continue. Note: If a service login fails then the output file will NOT contain service exports such as service logfiles and service stats.
-a Grab ALL /var/log/messages* files, not just active logfile and don't truncate service logs.
-k Keep script output beneath current directory and do not compress. Cannot be used with -b or -e switches
-b Use bz2 compression if '7za' command is present (7zip compression is default if '7za' is installed).
-e Encrypt payload using RSA NetWitness Support PGP public key (firstname.lastname@example.org). You may be prompted to add the key to your GPG keyring. The unencrypted output file will not be deleted. Cannot be used with -k.
Please see changelog file referenced in notes for further details.
For versions >= 10.4.x and if the -p parameter is used, once successful authentication is achieved using one of the following important services then the rest of the services will attempt to authenticate using the puppet trust model.
The services considered important are:
Click here to download the latest version of the nwtech.sh script.
Click here to view the Changelog for the nwtech.sh script.
Click here to download the curl-7.18.1-1.fc9.x86_64.rpm package for Fedora Core 9.