Lessons Learned: ConnApp to ArcMC Migration
Starting this thread to help out anyone who is looking at a ConnApp to ArcMC migration experience. Overall I found that if you paid attention o the documentation you'll find that the overall process is not difficult, and can be done relatively easily
- Almost 100 CA deployed of various gens/sizes
- All remotely managed from a single CA
- After migration there is no "node management" or "configuration management" tabs available only administration. Reason being was admin user was not set in the ArcMC permissions group, in fact, there was not ArcMC permissions group created, so I had to make it myself.
- If the ConnApp you have migrated was used to manage other CA's, The ArcMC agent doesn't get installed automatically.
- To fix this you have use the host export/import feature, to bulk re-add all your managed hosts. Doing this one by one is extremely time consuming
- Most likely a by-product of Issue 2, but all the previously imported hosts report as software connectors, no matter what they were previously ie C3500, C5500 etc
- This also shows because your managed devices won't be separated into the appropriate tabs ie "connector appliance", "ArcMC" etc
- The import host processes almost always fails, but does add a majority of the hosts. So you will need to double check the import log vs whats is shown
- Also almost every single time I have seen the import hosts miss the last host in your import list
- This has been a huge pain, but when using the import host feature, the host is added, but the containers belonging to that host are NOT imported
- To fix you need to manually check every hosts, and if there are no containers present you will have to scan host to get the containers imported
- The documentation on the import host procedure for making the csv is very unclear, but you need a special header line for the import to work
- The following line in quotes needs to be the first line of your csv "location,hostname,type,host username,host password,connector username,connector password,port/port range"
- This is still relatively unclear to me, but though the ArcMC will still work with a ConnApp license, it has been recommend that you also migrate the license to an ArcMC license
- Support knows little about this, but the Licensing team can do this for you, you will need to provide SAID, list of migrated appliances and their serial numbers for them to migrate the license from a CA license to an ArcMC license
- When scanning hosts to add containers, I have had a couple times where the container would not be associated with the correct port. For example Container 5 was associated with Port 9008
- The fix for this was to go directly to the managed host > send container command > regenerate remote mgmt key par > let it restart > click container to re-download the new keys. After that go back to your managing ArcMC, delete the host and re-add it. This solved the problem for me
- UPDATE: The above fix worked well when my managed host was a ConnApp, but it broke all my containers when it was an ArcMC. I was unable to re-download the new keys after I went through the steps. I have had to do an emergency restore to get this working again.
When taking a config backup of your old ConnApp make sure its less than 400mb, if its slightly larger there is a work around to allow a larger upload limit by going to <ArcSight_Home>/config/logger/logger.defaults.properties and edit the connectorappliance.restore.max.megabytes= 400 property. The biggest causes of a large config backup size is going to be cache in your connectors, so try and make sure your connectors don't have any caches in them or else your back up can be several gb in size.
This is all I have for now, I will update this thread if I see anything new. I hope this helps anyone else looking to doing a CA to ArcMC migration in the future.
Hi Brian, came across this post while upgrading conApp to ArcMC this week (finally getting to it). Issue #1 bit me on the a$$. One one conApp - no issues - couple glitches on the gui with intermediate versions, but no major concerns and got thru the migration and subsequent upgrades, and on to current (2.2) and things appear to be working so far.
On the next try though, the migration to 2.0 for some reason did not create any ArcMC admin groups, as you noted. Another side effect of this restriction, partly my bad I suppose for not fixing it before attempting to update again, was that the next upload (trying to get to 2.02 or 2.1) sat in the "uploading" state indefinitely. No errors, etc. just hung there while the timer counted away the minutes. I thought maybe the permission group issue was a bug that 2.1 would fix, but I couldn't get to 2.1 without fixing it myself first. I created these groups manually, put my admin account(s) in them, and the GUI presented the necessary tabs (until then, only the "administration" tab was visible.) and the next update worked.
These 2 conApps are identical in every respect. One upgrade goes well, one tanks. Anyway, your post (even a year ago) was very helpful, thanks for taking the time.
also noticed (so far)
- one conApp upgrade resulted in all existing hosts being re-created in a "default" location (the original location was also preserved / migrated but remained empty after the upgrade) - this did not occur on the other conApp (existing location migrated and populated correctly)
- the login banner text went from no-scroll (conApp) to scroll (AcrMC 2.1) to no-scroll (ArcMC 2.2)
These were cosmetic / easy fixes, but still interesting to observe as the conApp appliances are the same model, version, etc.. Anyway the latter point made me wonder for a second if the same code base was used for the various versions / upgrades.
Realize this is an old thread but there may be others still navigating their way thru the ArcMC migration process....