Skip to main content
Skip table of contents

High Availability Upgrade Checklist

This checklist can be used to record your progress throughout the process of upgrading a LogRhythm High Availability deployment.

Prerequisites Verification

System Requirements

  • [ ] Verify LogRhythm version 7.8+ is installed

  • [ ] Confirm Windows Server 2016, 2019, or 2022 is running on Windows-based appliances

  • [ ] Verify SQL Server 2016, 2019, or 2022 Standard is installed on Platform Manager

  • [ ] Confirm Microsoft .NET Framework 4.7.2 is installed on Platform Manager and core components

  • [ ] Verify Microsoft .NET Core 8.0.3+ is installed on Data Processor and AI Engine services

  • [ ] Check SteelEye DataKeeper version (should be 8.7.0)

  • [ ] Confirm environment is not cloud-based (HA not supported in cloud environments)

  • [ ] Verify nodes are identical in all hardware aspects (storage, RAID, memory, CPUs, etc.)

  • [ ] Schedule adequate downtime (1-3 hours) for the upgrade process

Account Configuration

  • [ ] Verify upgrade user has local administrator privileges for LogRhythm servers

  • [ ] Confirm SQL Server password for LogRhythmAdmin account

  • [ ] Verify SQL Server sa password for LogRhythm databases

  • [ ] Ensure upgrade user has required permissions:

    • [ ] Back up/restore files and directories

    • [ ] Manage auditing and security log

    • [ ] Take ownership of files or other objects

    • [ ] Shut down the system and debug programs

Pre-Upgrade Preparation

  • [ ] Record service credentials for LogRhythm services using Windows accounts

  • [ ] Request LogRhythm license file at least one business day prior to upgrade

  • [ ] Update web.config for LR API (if applicable)

  • [ ] Note Web Console environmental variables (if applicable)

  • [ ] Record Platform Manager IP, LogRhythm Web UI password, and login warning banner

  • [ ] Synchronize stored Knowledge Base (if applicable)

  • [ ] Configure System Monitor service to Startup Type = Automatic

  • [ ] Shut down antivirus and endpoint protection software

  • [ ] Exit all Client Consoles

Download Required Software

  • [ ] LogRhythm Database Upgrade Tool

  • [ ] LogRhythm Install Wizard

  • [ ] HA Upgrade 7.x.zip file

  • [ ] Linux Data Indexer Installer (if applicable)

  • [ ] TLS 1.2 Patches and Hotfixes

  • [ ] Optional: System Monitor Packages for *NIX

Pre-Upgrade Steps

Prepare HA Environment

  • [ ] Stop LifeKeeper Protection:

    • [ ] Open LifeKeeper GUI as Administrator

    • [ ] Right-click top-level resource (e.g., XM_ResTag) and select "Out of Service"

  • [ ] Optional: Stop collectors or remote System Monitors

  • [ ] Run Pre-Upgrade Script on each node:

    • [ ] Extract HA Upgrade 7.x.zip file

    • [ ] Right-click PreUpgrade.ps1 and select "Run with PowerShell"

Database Upgrade Process

Database Upgrade

  • [ ] Log in to the active HA node as administrator

  • [ ] Run LogRhythmDatabaseUpgradeSetup.exe as administrator

  • [ ] Select SQL Server Authentication and provide credentials

  • [ ] Review components screen

  • [ ] Select databases to back up (EMDB required)

  • [ ] Choose backup directory with sufficient space

  • [ ] Complete database upgrade process

Apply SQL Server Updates for TLS 1.2 (if needed)

  • [ ] Apply SQL Server hotfix to Platform Manager

  • [ ] Apply SQL Server Native Client hotfix to all appliances connecting to SQL Server

Appliance Upgrade Process

Update Windows Appliances

  • [ ] Log in as administrator on each appliance

  • [ ] Run LogRhythmInstallWizard.exe as administrator

  • [ ] Select appropriate appliance configuration

  • [ ] In LogRhythm Deployment Tool:

    • [ ] Select "Upgrade Deployment"

    • [ ] Supply HA shared IP address (not individual node IPs)

    • [ ] Create deployment package

    • [ ] Run Host Installer on primary node

  • [ ] Copy deployment package to secondary node

  • [ ] On secondary node, run:

    CODE 
    LRII_Windows.exe --ha-secondary=<shared IP address>

  • [ ] Configure LogRhythm settings using Configuration Manager

  • [ ] Close Install Wizard and repeat for secondary node

Run Post-Upgrade Script

  • [ ] On active HA node, browse to HA Upgrade 7.x subdirectory

  • [ ] Right-click PostUpgrade.ps1 and select "Run with PowerShell"

  • [ ] Verify LifeKeeper GUI hierarchy (check for Metrics ResTags)

Update Data Indexers

  • [ ] Configure proxy connection (if applicable)

  • [ ] Configure for dark sites without internet access (if applicable)

  • [ ] Upgrade single-node or multi-node cluster as appropriate

  • [ ] Validate Linux Indexer upgrade by checking logs

Post-Upgrade Configuration

License and Configuration

  • [ ] Import LogRhythm license file

  • [ ] Configure Data Indexer settings

  • [ ] Update advanced configuration settings as needed

System Startup and Verification

  • [ ] Upgrade and start other agents (Windows and Linux System Monitors)

  • [ ] Configure or verify communication ports

    • [ ] Remote Console access ports (TCP 13130, 13132)

    • [ ] Linux Data Indexer ports

    • [ ] Windows Data Indexer ports

  • [ ] Add realtime antivirus exclusions for LogRhythm directories

  • [ ] Verify Web Console processes are running

FIPS Configuration (if applicable)

  • [ ] Disable Deep Check for SQL_ResTag in LifeKeeper:

    • [ ] Right-click SQL_ResTag on active server

    • [ ] Select Deep Check Interval

    • [ ] Set to "Disable Deep Check"

    • [ ] Repeat for inactive server

Final Verification

  • [ ] Verify all LogRhythm services are started

  • [ ] Confirm Console connection to EMDB server

  • [ ] Test access to Web Console

  • [ ] Verify search functionality

  • [ ] Check Data Processor status

  • [ ] Confirm Data Indexer cluster health

  • [ ] Test failover functionality

  • [ ] Document completed upgrade

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close