Upgrade Appliances in an HA + DR Deployment
Run the Installation Wizard from the Primary HA Server
You must run the LogRhythm Install Wizard on both the Primary and Secondary nodes.
Use the LogRhythm Install Wizard to install or upgrade LogRhythm components in your deployment. You must run the Install Wizard on each appliance or server in your deployment, and select the appliance configuration that you want to install or upgrade.
- The LogRhythm Install Wizard requires .NET Framework version 4.7.2 or above.
- If you are installing or upgrading the Data Indexer or Web Console, ensure that Windows Firewall Service is running before starting the Install Wizard to allow firewall rules to be created.
- Do not try to run the wizard from a network share. Run the wizard locally on each appliance.
- For systems with UAC (Vista and later), always run installers as a Local Administrator with elevated privileges. The person performing the installation must be in the Local Admin group, unless the domain is managed and the Group Policy Object dictates that only Domain Administrators can run installers.
- When installing the Web Console, it is recommended that you run the LogRhythm Install Wizard to install all Web Console services. You may choose to install the Web Console as a stand-alone installation or as part of the XM Appliance or Platform Manager (PM) configurations.
- Before installing or upgrading the Web Console, ensure that Windows Firewall is running so the Common installer can open port 8300.
- Log in as an administrator on the appliance or server where you are installing or upgrading LogRhythm software.
- Copy the entire LogRhythm Install Wizard directory to a new directory on the local server.
- Open the Install Wizard directory, right-click LogRhythmInstallWizard.exe, and then click Run as administrator.
The Welcome screen appears. - Click Next to proceed.
The wizard asks you to confirm that you have prepared the LogRhythm databases for the upgrade. - Click one of the following:
- If you have run the Database Install or Upgrade Tool on each Platform Manager or XM server, click Yes to continue.
- If you have not prepared the LogRhythm databases on all required appliances, click No to cancel the wizard, install or upgrade all of the required databases, and then continue with this procedure.
- Read the agreement carefully. By accepting the terms in the agreement, you agree to be bound by those terms.
If you accept the terms of the agreement, select the I accept the terms in the license agreement check box, and then click Next.
The configuration selector appears. Depending on the selected configuration, the wizard upgrades or installs a specific application or set of applications.For certain configurations, you can optionally select to install or upgrade the AI Engine.If you select the Web Console, it is installed to the default location, C:\Program Files\LogRhythm\LogRhythm Web Services. For instructions on how to install the Web Console to a custom location, see Use the LogRhythm Configuration Manager.For each appliance that you install, select the target appliance configuration, according to the following table.
If you are upgrading an existing PM + DP appliance or another configuration that is not represented in the Install Wizard, select one of the available configurations and then run the wizard again to install the next configuration.
7.x.x Configuration Select… XM XM
Platform Manager PM Data Processor DP Client Console Client Console Web Console Web Console AI Engine AIE Data Collector/System Monitor DC LogRhythm Diagnostics Tool LRD Tool LogRhythm Diagnostics Tools Agent LRD Agent If you are running the Install Wizard on an XM or DP/DX appliance, ensure that the Elasticsearch service is running before you continue. You can start all services by running the following command in an Administrative PowerShell prompt: Start-Service lr-*
If this service is not running, the Data Indexer installer will fail. After ensuring the service is running, you can run the Install Wizard again, or run the LRDataIndexer executable in the wizard's Installers subfolder by right-clicking it, and then clicking Run as Administrator.
When you have selected the target configuration, click Install.
The LogRhythm Deployment Tool appears.Select from the following options, depending on the type of deployment you are running:
For Disaster Recovery upgrades, follow the procedure for a multi-host upgrade in the LogRhythm Infrastructure Installer. The Deployment Properties modal asks whether your deployment includes Disaster Recovery. Be sure to select Yes and provide the FQDN of the DR Cluster and select OK.
Add the Management IP address of each DR server as two separate hosts in the deployment tool.
If applicable, add the IP addresses of other participating hosts in your LogRhythm deployment, and then click Create Deployment Package.
After the deployment package is created, click Run Host Installer on This Host. Leave this window open until the final step of this section.
Copy the deployment package from previous steps—both the Windows executable and the plan file—to a location the secondary host of the DR pair.
Log in to the Secondary host, run cmd as an administrator, and change the directory to the location where you copied the LRII executable and plan file.
From the command prompt, run lrii_windows.exe /dr-secondary, and verify that the command finishes without any errors.
Run the LRII exe from the deployment package on each additional LogRhythm host in the deployment.
Return to the Primary DR server and select Verify Status to confirm that all LogRhythm Host Installers have completed successfully. Exit when confirmation is complete.
Through services.msc, verify that the LogRhythm Service Registry service is using the appropriate service account after re-running the Infrastructure Installer.
For High Availability upgrades, the following instructions apply.
Select Upgrade Deployment.
The HA shared IP should be supplied as the IP address representing both nodes in the HA cluster. Do not add other IP addresses from the HA nodes.
If applicable, add the IP addresses of other participating hosts in your LogRhythm deployment, and then click Create Deployment Package.
- On the primary node, select Run Host Installer on This Host.
Copy the resulting deployment package (executable and plan file) to a location on the secondary node in the HA cluster.
On the secondary node, open an elevated command prompt (Run as administrator) and change directory to the location of the LRII_Windows.exe copied in the previous step. For example: cd "C:\Users\Administrator\Desktop\Deployment Package"
Run the following command: ".\LRII_Windows.exe --ha-secondary=<shared IP address>" and press Enter.
Additional help is available by clicking the question mark icon in the upper-right of the tool.
When you are finished preparing your deployment, you will be returned to the Install Wizard.Observe for any failures as the wizard installs or upgrades the applications according to the selected configurations.
When the Client Console is installed on a fresh system, additional software packages must be installed such as Microsoft Visual C++ Redistributable packages, SAP Crystal Reports runtime engine, and .NET Framework 4.7.2. For this reason, the Client Console installer may take 30 minutes or more to complete.Progress in the installation screen is indicated as follows:
Color Meaning Green The application was installed successfully. A message about the application and installed version is also printed below the status indicators.
Blue The application is being installed. Yellow The current or a newer version of the application is already installed. Red Something went wrong and the application was not installed. Additional details will be printed below the status indicators. If something went wrong, check the installer logs located in the following location:
C:\LogRhythm\Installer Logs\<install date and time>\During the Web Console installation or upgrade, if you receive a message that notifies you of an error with your Windows Installer package, go into each folder in C:\Program Files\LogRhythm\LogRhythm Web Services and run the unzip.bat file as an administrator. For other failures, run a Repair.Configure your deployment using the LogRhythm Configuration Manager that appears after the installation or upgrade is complete.
The LogRhythm Configuration Manager has two modes: Basic and Advanced. The most commonly edited settings are shown in Basic mode. Advanced mode displays all settings, including those shown in Basic mode, grouped according to which service they affect. You can filter the settings that are displayed by clicking one of the options on the left — All (no filtering), Authentication, or Web Services. When settings are filtered, you should enable the Advanced view to ensure you can see all settings. For more information, see Use the LogRhythm Configuration Manager.
While the Configuration Manager is still open, review your previous Web Console configuration values (backed up before starting the upgrade), turn on the advanced view, and validate or set all of the values in the Configuration Manager, especially the following:- Global, Database Server. This is the IP address of your Platform Manager where the EMDB is installed.
- Web Global, Database Password. This is the password for the LogRhythmWebUI user, used by the Admin API for connecting to the EMDB. If the password is not correct, the Admin API will display an error.
- Web Console UI values. Verify all settings for all Web Console instances.
When finished, click Save, back up your current configuration to file, and then close the Configuration Manager.
After you validate and save your configuration, it is strongly recommended that you make a new back up. Save the file in a safe location in case you need to restore it later.To close the LogRhythm Install Wizard, click Exit.
Run the Install Wizard on the secondary node. When the LogRhythm Deployment Tool (LRII) launches, click Exit and allow the installation to complete.
Run the Installation Wizard on Additional Nodes
After upgrading the Primary node, you must run the LogRhythm Install Wizard on the Secondary HA and DR nodes using the instructions above.