Breadcrumbs

High Availability Installation Checklist

This checklist can be used to record your progress throughout the process of installing a LogRhythm High Availability deployment.

Prerequisites Verification

Network Requirements

  • [ ] Three static IP addresses for each HA pair (one for each node plus one shared)

  • [ ] Verify required ports are open:

    • [ ] Windows File and Print: 135/TCP, 137/UDP, 138/UDP, 139/TCP, 445/TCP

    • [ ] LifeKeeper: 81/TCP, 82/TCP, 1500/TCP, 1510/TCP, 3278/TCP, 3279/TCP

    • [ ] DataKeeper: 9999/TCP, 10003/TCP, 10011/TCP, 10018/TCP

  • [ ] For dual site deployments:

    • [ ] Verify low latency connections (less than 15ms ping time)

    • [ ] Confirm network appears as a single subnet for Public and Private adapters

    • [ ] Verify sufficient network bandwidth

System Requirements

  • [ ] Verify LogRhythm version 7.8+ and current HA software version (10.x)

  • [ ] Confirm both nodes are identical hardware (same specs, storage quantity, storage type)

  • [ ] Ensure systems are physical machines (cloud infrastructure not supported)

  • [ ] Verify uninterruptible power supply connections

  • [ ] Disable automatic page file setting on both HA nodes

  • [ ] Back up critical data before installation

Host Configuration

  • [ ] Create shared host record in LogRhythm Console's Deployment Manager

  • [ ] Create DNS records for Shared Machine Name and Shared Public IP address

  • [ ] Create PTR records for DNS entries

Physical Configuration Setup

Network Interface Configuration

  • [ ] Set static IP addresses on both nodes

  • [ ] Connect NIC1 on each system to production network

  • [ ] Connect NIC4 on each system using crossover cable (for single site setup)

  • [ ] Label NICs as Public or Private

  • [ ] Set Public NIC metric to 1

  • [ ] Set Private NIC metric to 20

Security Configuration

  • [ ] Add Debug permissions to Administrator account if needed:

    • [ ] Local Security Policy > Local Policies > User Rights Assignment > Debug Programs

HA Software Installation

On Primary Node

  • [ ] Run HA Setup tool (LogRhythm High Availability Setup.exe)

  • [ ] Select "Primary" option

  • [ ] Configure domain name (if applicable)

  • [ ] Configure AIE settings (if applicable)

  • [ ] Enter Machine Name and Public IP for Primary, Secondary, and Shared

  • [ ] Enter Private IP addresses for Primary and Secondary

  • [ ] Test the configuration and resolve any errors

  • [ ] Export XML configuration file for secondary node

  • [ ] Click Install and follow prompts

  • [ ] Provide SQL sa password if prompted

  • [ ] Reboot system when complete

On Secondary Node

  • [ ] Run HA Setup tool

  • [ ] Import XML configuration file

  • [ ] Verify and test the configuration

  • [ ] Click Install and follow prompts

  • [ ] Reboot system when complete (after primary has completed rebooting)

Post-Installation Configuration

Verification Steps

  • [ ] Verify installation of required programs:

    • [ ] LifeKeeper for Windows v8 Update 9

    • [ ] LifeKeeper Microsoft SQL Server Recovery Kit v8 Update 9

    • [ ] SIOS DataKeeper for Windows v8 Update 9

    • [ ] Microsoft Visual C++ 2015 Redistributable (x64 and x86)

  • [ ] Check log files for errors

  • [ ] Run LifeKeeper GUI on primary system to verify initial configuration

Service Account Configuration

  • [ ] Configure LifeKeeper service to run as account with local admin credentials (on both nodes)

  • [ ] Configure SIOS DataKeeper service to run as account with local admin credentials (on both nodes)

  • [ ] Start Elasticsearch on XM nodes

LogRhythm Infrastructure Configuration

  • [ ] Run LogRhythm Infrastructure Installer

  • [ ] Select Add/Remove Host

  • [ ] Replace individual IPs with single shared IP

  • [ ] Create deployment package

  • [ ] Run Host Installer on Primary node

  • [ ] Copy deployment package to Secondary node

  • [ ] Run deployment package with --ha-secondary flag on Secondary node

  • [ ] Verify completion without errors

LogRhythm Configuration

  • [ ] Update Platform Manager Configuration Manager:

    • [ ] Job Manager tab

    • [ ] Alarming and Response Manager tab

  • [ ] Update Data Processor Configuration Manager (General tab)

  • [ ] Update AIEngine Configuration Manager (General tab)

  • [ ] Update Global Database Server IP in Configuration Manager

  • [ ] Open LogRhythm Console using Shared Name or IP

  • [ ] Complete New Deployment Wizard if needed

  • [ ] Set appropriate platform in Platform Manager and Data Processor Properties

  • [ ] Configure archive locations on XM systems

Shared System Monitor Configuration

  • [ ] Create host and system monitor records for shared agent

  • [ ] Configure agent identifiers with shared IP and system IPs

  • [ ] Configure agent names and data processor settings

Resource Hierarchy Configuration

Build Appliance Resource Hierarchy

  • [ ] On Primary node, run 2_HA_Build.cmd as administrator

  • [ ] Provide SQL sa password if prompted

  • [ ] Verify completed resource hierarchy in LifeKeeper GUI

Configure EMDB Connections

  • [ ] Configure Platform Manager components to use 'localhost'

  • [ ] Configure non-Platform Manager components to use HA Shared IP

  • [ ] Configure agents to connect to shared HA IP

Update SQL Credentials in LifeKeeper

  • [ ] Right-click SQL_ResTag hierarchy and select Properties

  • [ ] Click Admin Actions

  • [ ] Select Change User and Password

  • [ ] Enter SQL admin account and password

Configure Remote Event Log Collection

  • [ ] Configure System Monitor service to use administrator credentials (both nodes)

  • [ ] Add account to Event Log Readers group (both nodes)

  • [ ] Create LogRhythmHA entity in LogRhythm Console

  • [ ] Create host records for each HA system with -EL suffix

  • [ ] Create log sources for Windows Event Logs

Extend Resource Hierarchy to Secondary Node

  • [ ] Right-click top-level resource tag and select Extend Resource Hierarchy

  • [ ] Select secondary system

  • [ ] Select Create Mirror for D: drive (Gen4) or S: drive (Gen5)

  • [ ] Select Private network for endpoints

  • [ ] Configure subnet mask and network connection

  • [ ] Create mirror for L: volume

  • [ ] Wait for hierarchies to be extended

Final Configuration Steps

  • [ ] Associate DX cluster ID on both nodes

  • [ ] Update mirror settings:

    • [ ] Set LifeKeeper Delete Mirror Flag to False

  • [ ] Verify mirroring status before proceeding with failover tests

Testing and Validation

  • [ ] Wait for all volumes to reach Mirroring state

  • [ ] Test failover functionality

  • [ ] Verify service availability during failover

  • [ ] Confirm data integrity after failover

  • [ ] Validate LogRhythm functionality on both nodes