In OES 2018 SP2 Update 8, we are addressing security vulnerability log4j2 that impacts Elasticsearch. Elasticsearch stores data that is displayed in Insights and Dashboard pages of the CIS Admin Console.
On patching the OES server to Update 8, you must perform the following steps to transfer the data from Elasticsearch 7.7 to 6.8.22:
Before applying the patch CIS server is running with Elasticsearch 7.7. Data is displayed in the Insights and Dashboard pages of the CIS Admin Console.
Apply OES 2018 SP2 Update 8 patch, for more information, see OES 2018 SP2: Installation Guide.
Restart the CIS server.
There will be no data displayed in the Insights and Dashboard pages of the CIS Admin Console.
(Conditional) If the configuration path is /media/nss/CISVOL (cluster volume), then ensure the cluster volume is up and running.
Verify the status of Elasticsearch 6.8.22. If not running, restart the service.
systemctl status oes-cis-elastic.service
systemctl restart oes-cis-elastic.service
Start Elasticsearch 7.7 and verify the status.
systemctl start oes-cis-old-elastic.service
systemctl status oes-cis-old-elastic.service
Verify the health of CIS.
cishealth
Before proceeding ensure CIS is healthy.
(Conditional) If the configuration path is a cluster volume, then move the configuration file from the cis_local location to the media path (/media/nss/CISVOL).
sh /opt/novell/cis/bin/copy_upgraded_files.sh
Run the following command to move data from Elasticsearch 7.7 to Elasticsearch 6.8.22
sh /var/opt/novell/cis/elastic_move_data.sh migrate
The migration takes some time to complete. You can verify the logs at /var/opt/novell/log/cis/cis_elastic_move_<timestamp>.log.
On successful transferring the data, the Insights and Dashboard pages of the CIS Admin Console will populate the existing data.