Important NetMon Upgrade Notices
This page contains important information regarding NetMon upgrades. Depending on your current NetMon version, the upgrade path could vary greatly. Refer to Determine the NetMon Version and Upgrade Path for more information on finding your current version and determining how to upgrade.
Upgrading to 5.0.4 from Any Version
NetMon version 5.0.4 introduces Keycloak, a centralized identity and access management solution, and bearer tokens to enhance security and protect user credentials. Due to this migration, administrators must perform key actions post-upgrade to ensure continued access for all users. Please review the following required actions carefully.
Change / Migration Limitation | Required Action |
|---|---|
User Password Reset | Passwords are not migrated to Keycloak and are reset to a default password, “changeme”. Inform your users that they should change their password upon their first login after the upgrade. |
Default Admin Credentials | The default admin user password will be reset to “changeme”. After the upgrade, you must immediately change the default admin password to secure the system. |
LR SIEM Integration | To continue NetMon integration with your LogRhythm SIEM deployment, update the LogRhythm SIEM configuration to use the new token-based authentication. Refer to Integrate NetMon with LogRhythm SIEM for more information. |
Other Integrations | To continue any other NetMon integrations, update your integrations to use the new token-based authentication. |
Upgrading to 4.0.7 from 4.0.5
To upgrade to 4.0.7, first upgrade to 4.0.5. If you are running version 4.0.1 - 4.0.4, upgrade directly to 4.0.5 before upgrading to 4.0.7. If you are running NetMon 3.6.1 - 3.9.3, you must first upgrade to version 4.0.1 before continuing the upgrade to 4.0.5, then upgrade to 4.0.7.
Upgrading to 4.0.5
To upgrade from a version of NetMon prior to 3.6.1, or if you have other questions about the upgrade process, please contact LogRhythm Support.
This upgrade may include several additional configuration steps to ensure that existing dashboards and data are not lost.
NetMon 3.6.2 was a critical security update, and all users running older versions of NetMon should upgrade to 3.6.2 or later as soon as possible.
If you are upgrading from NetMon 3.6.1 - 3.9.3 and performed the intermediate upgrade step to NetMon 4.0.1, you must wait until the 4.0.1 nm-reindexer process finishes before upgrading to 4.0.5. The 4.0.1 nm-reindexer process migrates the previous Elasticsearch 1.7 indices to the Elasticsearch 7.2 index format.
If the upgrade to 4.0.5 fails, either wait 24 hours before attempting the upgrade again or run the following command via SSH to verify that the reindexer step is complete:
systemctl status nm-reindexerIf the process is complete, the following message appears, indicating that it is safe to proceed with the upgrade to 4.0.5:
Unit nm-reindexer.service could not be found.More information about the migration’s progress is available in /var/log/probe/nm-reindexer.log.
Potential Need to Re-Apply Enterprise License
When upgrading from 4.0.1, 4.0.2, or 4.0.3 to 4.0.4 or 4.0.5, the Cassandra database is upgraded from 1.1.11 to 3.11, and Enterprise licenses are transferred. If an error occurs in reading and saving the license from Cassandra 1.1.11, then the license will need to be reapplied following the upgrade to 4.0.4 or 4.0.5.
After completing the upgrade to 4.0.4 or 4.0.5, log in to NetMon. If prompted to apply a license, reapply your existing license.
Freemium Licenses are not Transferred
Following the upgrade to 4.0.4 or 4.0.5 from versions 4.0.1, 4.0.2, or 4.0.3, a new Freemium license needs to be applied. Prompts for applying the license automatically appear on first login following the upgrade.
New Self-Signed NGINX Certificate and Key Files
New self-signed NGINX certificate and key files are being shipped with 4.0.5 to replace the expired certificate and key. This can cause some issues with browsers. For example, Chrome requires the user type "thisisunsafe" to proceed to NetMon UI.
On upgrade, the UI continues to indicate a system reboot indefinitely. When the UI indicates the upgrade has completed and the system is rebooting, close the browser window, reopen a new browser window, and enter "thisisunsafe" to reload the UI.