Symantec Data Insight Upgrade Instructions

Symantec Data Insight
Upgrade Instructions
Microsoft Windows
1.0.2
Symantec Proprietary and Confidential
Symantec Data Insight Upgrade Instructions
The software described in this book is furnished under a license agreement and may be used
only in accordance with the terms of the agreement.
Documentation version: 1.0.2.0
Legal Notice
Copyright © 2010 Symantec Corporation. All rights reserved.
Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec
Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks
of their respective owners.
This Symantec product may contain third party software for which Symantec is required
to provide attribution to the third party (“Third Party Programs”). Some of the Third Party
Programs are available under open source or free software licenses. The License Agreement
accompanying the Software does not alter any rights or obligations you may have under
those open source or free software licenses. Please see the Third Party Legal Notice Appendix
to this Documentation or TPIP ReadMe File accompanying this Symantec product for more
information on the Third Party Programs.
The product described in this document is distributed under licenses restricting its use,
copying, distribution, and decompilation/reverse engineering. No part of this document
may be reproduced in any form by any means without prior written authorization of
Symantec Corporation and its licensors, if any.
THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS,
REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT,
ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO
BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL
OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING,
PERFORMANCE, OR USE OF THIS DOCUMENTATION. THE INFORMATION CONTAINED
IN THIS DOCUMENTATION IS SUBJECT TO CHANGE WITHOUT NOTICE.
The Licensed Software and Documentation are deemed to be commercial computer software
as defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19
"Commercial Computer Software - Restricted Rights" and DFARS 227.7202, "Rights in
Commercial Computer Software or Commercial Computer Software Documentation", as
applicable, and any successor regulations. Any use, modification, reproduction release,
performance, display or disclosure of the Licensed Software and Documentation by the U.S.
Government shall be solely in accordance with the terms of this Agreement.
Symantec Proprietary and Confidential
Symantec Corporation
350 Ellis Street
Mountain View, CA 94043
http://www.symantec.com
Symantec Proprietary and Confidential
Technical Support
Symantec Technical Support maintains support centers globally. Technical
Support’s primary role is to respond to specific queries about product features
and functionality. The Technical Support group also creates content for our online
Knowledge Base. The Technical Support group works collaboratively with the
other functional areas within Symantec to answer your questions in a timely
fashion. For example, the Technical Support group works with Product Engineering
and Symantec Security Response to provide alerting services and virus definition
updates.
Symantec’s support offerings include the following:
■
A range of support options that give you the flexibility to select the right
amount of service for any size organization
■
Telephone and/or web-based support that provides rapid response and
up-to-the-minute information
■
Upgrade assurance that delivers software upgrades
■
Global support purchased on a regional business hours or 24 hours a day, 7
days a week basis
■
Premium service offerings that include Account Management Services
For information about Symantec’s support offerings, you can visit our web site
at the following URL:
www.symantec.com/business/support/
All support services will be delivered in accordance with your support agreement
and the then-current enterprise technical support policy.
Contacting Technical Support
Customers with a current support agreement may access Technical Support
information at the following URL:
www.symantec.com/business/support/
Before contacting Technical Support, make sure you have satisfied the system
requirements that are listed in your product documentation. Also, you should be
at the computer on which the problem occurred, in case it is necessary to replicate
the problem.
When you contact Technical Support, please have the following information
available:
■
Product release level
Symantec Proprietary and Confidential
■
Hardware information
■
Available memory, disk space, and NIC information
■
Operating system
■
Version and patch level
■
Network topology
■
Router, gateway, and IP address information
■
Problem description:
■
Error messages and log files
■
Troubleshooting that was performed before contacting Symantec
■
Recent software configuration changes and network changes
Licensing and registration
If your Symantec product requires registration or a license key, access our technical
support web page at the following URL:
www.symantec.com/business/support/
Customer service
Customer service information is available at the following URL:
www.symantec.com/business/support/
Customer Service is available to assist with non-technical questions, such as the
following types of issues:
■
Questions regarding product licensing or serialization
■
Product registration updates, such as address or name changes
■
General product information (features, language availability, local dealers)
■
Latest information about product updates and upgrades
■
Information about upgrade assurance and support contracts
■
Information about the Symantec Buying Programs
■
Advice about Symantec's technical support options
■
Nontechnical presales questions
■
Issues that are related to CD-ROMs or manuals
Symantec Proprietary and Confidential
Support agreement resources
If you want to contact Symantec regarding an existing support agreement, please
contact the support agreement administration team for your region as follows:
Asia-Pacific and Japan
[email protected]
Europe, Middle-East, and Africa
[email protected]
North America and Latin America
[email protected]
Additional enterprise services
Symantec offers a comprehensive set of services that allow you to maximize your
investment in Symantec products and to develop your knowledge, expertise, and
global insight, which enable you to manage your business risks proactively.
Enterprise services that are available include the following:
Managed Services
Managed Services remove the burden of managing and monitoring security
devices and events, ensuring rapid response to real threats.
Consulting Services
Symantec Consulting Services provide on-site technical expertise from
Symantec and its trusted partners. Symantec Consulting Services offer a variety
of prepackaged and customizable options that include assessment, design,
implementation, monitoring, and management capabilities. Each is focused on
establishing and maintaining the integrity and availability of your IT resources.
Education Services
Education Services provide a full array of technical training, security education,
security certification, and awareness communication programs.
To access more information about enterprise services, please visit our web site
at the following URL:
www.symantec.com/business/services/
Select your country or language from the site index.
Symantec Proprietary and Confidential
Upgrading Symantec Data
Insight to 1.0.2
This document includes the following topics:
■
About Symantec Data Insight
■
Upgrading the Data Insight Management Server to 1.0.2
■
Upgrading a Data Insight worker node to 1.0.2
■
Running the upgrade script
■
Detecting and repairing a corrupt index
About Symantec Data Insight
Many organizations struggle with identifying data users and owners for their
unstructured data. This challenge is compounded with the fact that organizations
lack visibility into the types of content and data that is spread across their
computing environment.
With Symantec Data Insight, users can monitor file access to automatically identify
the data user of a file based on the access history. This method enables more
efficient remediation and data management.
Symantec Data Insight scans unstructured data systems and collects full access
history of users across the data. Symantec Data Insight helps organizations
monitor and report on access to sensitive information.
Symantec Data Insight helps organizations solve the problem of identifying data
owners and responsible parties for information in spite of incomplete or inaccurate
metadata or tracking information. This helps support large-scale business
owner-driven remediation processes and workflows.
Symantec Proprietary and Confidential
8
Upgrading Symantec Data Insight to 1.0.2
Upgrading the Data Insight Management Server to 1.0.2
Data Insight can provide the following information:
■
Who owns the data
■
Who has seen the data
■
Who has access to the data
■
What data is most at-risk
■
Frequency of usage of data
The ownership and usage information from Data Insight can be used for the
following purposes:
■
Data owner identification
Data Insight enables rule-based inference of data owners based on actual usage.
Data owner information may not reflect the responsible party. The responsible
party or data owner can be a line manager in the business unit, the head of a
department, or an information security officer. Symantec Data Insight provides
information to tie the most active user of a file to a manager or responsible
party for remediation steps.
■
Data leak investigation
In the event of a data leak, you may want to know who saw a particular file.
On the Symantec Data Insight Management Server, you can view detailed
information and an audit history of who accessed the data.
■
Locate at-risk data
Data Insight enables organizations to find which shares or folders have overly
permissive access rights. With this information, organizations can prioritize
risk-reduction efforts such as the discovery of sensitive data or a review of
permissions (or access control rights) to limit access to only those individuals
who have a business need.
Upgrading the Data Insight Management Server to
1.0.2
You can upgrade a Symantec Data Insight 1.0.1 installation to 1.0.2.
Before you begin the upgrade to Symantec Data Insight 1.0.2, note the following:
■
You can upgrade a 1.0.1 Management Server to 1.0.2. We do not support
upgrading a 1.0 Management Server directly to 1.0.2. If you have a 1.0
Management Server, you need to upgrade to 1.0.1 before you can upgrade to
1.0.2.
Symantec Proprietary and Confidential
Upgrading Symantec Data Insight to 1.0.2
Upgrading the Data Insight Management Server to 1.0.2
■
As an optional best-practice measure, Symantec recommends that you backup
your data in files in a temporary directory, before you upgrade your software.
■
Upgrade your Management Server before you upgrade any worker node.
■
Run the 1.0.2 upgrade script on all the servers that act as an indexer, that is
servers that store access events and scan information of shares. To verify
whether a node is an indexer, check to see if the DATA_DIR\indexer\default
directory has any directories under it.
See “Running the upgrade script” on page 14.
■
The upgrade clears all permissions data from the filers. The permissions data
will be available again only after a full scan of all filers is complete.
To upgrade the Data Insight Management Server to 1.0.2
1
Log on as Administrator to the server hosting the Management Server.
2
Click Start > Run and type services.msc in the text box.
3
In the Services window, stop the following services:
■
DataInsightWeb
■
DataInsightConfig
■
DataInsightComm
■
DataInsightCelerra (if present)
■
DataInsightFpolicy (if present)
4
Take a backup of the Data Insight logs and crash dumps, if available. These
files are available in the DataInsight\log and DataInsight\dumps folders
under the install directory.
5
Rename the existing data directory. For example, you can rename
C:\DataInsight to C:\DataInsight_Upgrade.
6
From Add/Remove Programs, uninstall Data Insight 1.0.1. For more
information, see the Symantec Data Insight Installation Guide.
7
Restart the system.
8
To launch the 1.0.2 installer, double-click
Symantec_Data_Insight_1.0.2_N_xPP.exe,
where,
■
N is the build number, and
■
PP is the architecture - x86:32 bit, x64:64 bit.
Symantec Proprietary and Confidential
9
10
Upgrading Symantec Data Insight to 1.0.2
Upgrading the Data Insight Management Server to 1.0.2
9
On the Welcome to the Symantec Data Insight Setup Wizard window, click
Next.
Note: Symantec recommends that you let the installation process complete
once you start it. You can uninstall the software after the installation is
complete.
10 In the License Agreement window, select I accept the agreement, and click
Next.
11 In the Select Destination Directory window, browse to the directory in which
you want Data Insight to be installed. By default, the destination directory is
C:\Program Files\Symantec\DataInsight.
12 In the Configure Type of Install window, select the Install Everything
installation option, and click Next.
13 In the Configure Data Directory window, select the same location as the
previous data directory. Click Next.
14 In the Management Server Properties window, enter the following details:
Management Server
Address
The Fully Qualified Host Name (FQHN) of the current
host.
The remote worker nodes use this address to
communicate with the Management Server
Web Server port
The secure (HTTPS) web server port on which you can
access the Web interface of the Management Server.
Do not select the Scan current Active Directory Domain checkbox at this
time. If the Management Server is not part of any Active Directory domain,
this option is disabled.
Click Next.
Symantec Proprietary and Confidential
Upgrading Symantec Data Insight to 1.0.2
Upgrading the Data Insight Management Server to 1.0.2
15 In the Configure Networking window, enter the following information, and
click Next:
Communication Service
Port
The Communication Service is responsible for all
inter-node communication. Communication Service uses
Secure Sockets Layer (SSL) to secure communication
between the Data Insight nodes. The SSL keys are
generated during installation. By default, Communication
Service connects through sever port 8383.
Configuration Service Port Configuration service is a process that provides interface
to configuration and other product data stored on the
local system. This service port does not need to be
accessible outside the host machine.
16 In the Configure a Product Administrator window, enter the following
information , and click Next:
■
Name of the user who can log in to Symantec Data Insight with Product
Administrator privileges
■
Name of the domain to which the user belongs
Note: The product administrator must be a local user or must belong to the
same domain as the Management Server.
17 To disable crash reporting, in the Configure Crash Reporting window, clear
the Enable Dr.Watson for Windows checkbox.
By default the checkbox is selected. This option is not visible for Microsoft
Windows 2008.
18 In the Select Start Menu Folder, select the folder where you want the installer
to place the program shortcuts.
The option, Create shortcuts for all users, is selected by default.
19 In the Additional Tasks window, select the tasks, as appropriate.
20 To start the installation process, click Next.
The Installing window appears and displays a progress bar.
21 The Completing the Symantec Data Insight setup wizard window provides
you an option launch the Management Server on exit. Do not select this
option.
22 Clear the Start services now checkbox.
Symantec Proprietary and Confidential
11
12
Upgrading Symantec Data Insight to 1.0.2
Upgrading a Data Insight worker node to 1.0.2
23 To exit setup, click Finish.
24 Navigate to the location of the Data directory, and delete the newly created
DataInsight folder.
25 To restore the previous Data directory, change the name of the data directory
renamed in Step 5 to DataInsight.
26 Ensure that the index is not corrupt. For complete steps to detect and repair
a corrupt index.
See “Detecting and repairing a corrupt index” on page 15.
27 Complete the steps to run the upgrade script.
See “Running the upgrade script” on page 14.
28 Start the services in the following sequence:
■
DataInsightConfig
■
DataInsightComm
■
DataInsightWeb
Upgrading a Data Insight worker node to 1.0.2
You can upgrade a Data Insight worker node to 1.0.2.
To upgrade a worker node
1
Log on (or remote logon) as Administrator to the computer that is intended
for the worker node.
2
Click Start > Run and type services.msc in the text box.
3
In the Services window, stop the following services:
■
DataInsight Config
■
DataInsight Comm
■
DataInsight Celerra
■
DataInsight Fpolicy
4
Take a backup of the Data Insight configuration and data files, specifically
the Logs and Dumps folders.
5
Rename the DataInsight data directory. For example, you can rename it to
DataInsight_Upgrade
6
Uninstall Data Insight 1.0.1. For more information, see the Symantec Data
Insight Installation Guide.
Symantec Proprietary and Confidential
Upgrading Symantec Data Insight to 1.0.2
Upgrading a Data Insight worker node to 1.0.2
7
To launch the installer, double-click
Symantec_Data_Insight_version_architecture.exe.
8
On the Welcome to the Symantec Data Insight Setup Wizard window, click
Next.
9
In the License Agreement window, select I accept the agreement, and click
Next.
10 In the Select Destination Directory window, browse to the directory in which
you want Data Insight to be installed. By default, the destination directory is
C:/Program Files/Symantec/Data Insight.
Note: You cannot install the worker node on the same machine as the
Management Server.
11 Depending on your deployment scenario, in the Configure Type of Install
window, select Install Indexer and Collector or Install Collector only as the
installation option.
12 Click Next.
13 In the Configure Data Directory window, select the same location as the
previous data directory. Click Next.
14 In the Worker Node Properties window, enter the Fully Qualified Host Name
(FQHN) of the host. This name must be resolvable from the Management
Server and the other worker nodes.
15 In the Configure Networking window, enter the following information:
Communication Service Port The Communication Service is responsible for all
inter-node communication. Communication Service
uses Secure Sockets Layer (SSL) to secure
communication between the Data Insight nodes. The
SSL keys are generated during installation. By default,
Communication Service connects through sever port
8383.
Configuration Service Port
Configuration service is a process that provides
interface to configuration and other product data
stored on the local system. This service port does not
need to be accessible outside the host machine.
Note: The installer validates whether the appropriate ports are free to accept
connections.
Symantec Proprietary and Confidential
13
14
Upgrading Symantec Data Insight to 1.0.2
Running the upgrade script
16 To disable crash reporting, in the Configure Crash Reporting window, uncheck
the Enable Dr.Watson for Windows checkbox.
By default the checkbox is selected.
17 In the Select Start Menu Folder, select the folder where you want the installer
to place the program shortcuts. The option, Create shortcuts for all users,
is selected by default. To start the installation process, click Next.
18 To register the worker node with the Management Server after you exit setup,
clear the Launch Worker Node Registration Wizard after exit checkbox.
Note: You do not need to register the worker node at this time.
19 Clear the Start services now checkbox.
20 To exit setup, click Finish.
21 Navigate to the location of the Data directory, and delete the newly created
Data Insight folder.
22 To restore the previous Data directory, change the name of the data directory
renamed in Step 5 to DataInsight.
23 Ensure that the index is not corrupt.
For complete steps to detect and repair a corrupt index, See “Detecting and
repairing a corrupt index” on page 15.
24 Complete the steps to run the upgrade script.
See “Running the upgrade script” on page 14.
25 Delete any existing scan files in the inbox or outbox of collector node. Look
for files named *_scan.* in DATADIR/inbox and DATADIR/outbox folders.
Delete them if these files exist.
26 Enable and start the services in the following sequence:
■
DataInsight Config
■
DataInsight Comm
Running the upgrade script
After you complete upgrading the Management Server and worker nodes, you
must run the upgrade script.
Symantec Proprietary and Confidential
Upgrading Symantec Data Insight to 1.0.2
Detecting and repairing a corrupt index
Note: Run the 1.0.2 upgrade script on all the servers that act as an indexer, that
is servers that store access events and scan information of shares. To verify
whether a node is an indexer, check to see if the DATA_DIR\indexer\default
directory has any directories under it.
To run the upgrade script:
1
Open a Windows command prompt, and change to the directory where the
upgrade script resides.
2
Type the following command:
set PATH=C:\Program Files\Symantec\DataInsight\perl\bin;
C:\Program Files\Symantec\DataInsight\bin;
%PATH%perl update_1.0.1_1.0.2
<Data Insight Data directory_path>
Ensure that you specify the path to the data directory in the following format:
"C:/Datainsight/data"
Detecting and repairing a corrupt index
Complete the following steps to check the status of a index and detect and fix a
corrupt index.
To check the status of an index
1
Open a command prompt
2
Change to the following directory:
cd C:\Program Files\Symantec\DataInsight\bin
3
To navigate to the Data directory, type the following command, and press
Enter:
..\perl\bin\perl.exe idxcheck $data > check.txt
For example, if your data directory is C:\DataInsight\data, type
..\perl\bin\perl.exe idxcheck C:\DataInsight\data > check.txt.
Symantec Proprietary and Confidential
15
16
Upgrading Symantec Data Insight to 1.0.2
Detecting and repairing a corrupt index
To detect and fix a corrupt index
1
To locate the corrupt indexes, open check.txt and scroll to the bottom of
the file.
A sample of the text in the bottom of the file is shown below:
SUMMARY:
Shares Tracked: 149
Storage Capacity: 8,168,362,782,964 (7.43 TB)
Total Directories: 9,703,008
Total Files: 16,868,117
Total Events: 2,047,288
Integrity: 148
IndexDB Size: 3,691,979,776 (3.44 GB)
Segments Size: 57,830,691 (55.15 MB)
2
Check if the value for Shares Tracked matches the value of the Integrity
property.
If not, one or more indexes are corrupt. To detect the index that's corrupt,
look for the following text in check.txt:
INTEGRITY: failed
3
Make a note of all indexes that are corrupt.
4
Delete all corrupt indexes. For example, if index 136 is corrupt, delete the
folder $data\indexer\default\136.
5
Move the input files for the corrupt index from to $data\indexer\err to
$data\inbox.
When an index gets corrupt, all subsequent input files for that index cannot
be processed. These input files are saved in the $data\indexer\err folder.
The input files are then reprocessed after they are moved to the $data\inbox.
Symantec Proprietary and Confidential