Troubleshooting
Problem
Gathering logging for Network IPS (GX) for issues when downloading updates.
Diagnosing The Problem
When you are unable to download updates for a Network IPS (GX) device at firmware 4.x, go through the information in this article to generate the appropriate logs for Customer Support to troubleshoot the issue.
Is the GX configured to update from xpu.iss.net or from the SiteProtector X-Press Update Server?
Note: If you are unsure how it is configured to update, you can confirm this by opening the Update Settings policy and clicking the License and Update Servers tab. If the highest enabled entry has the Host or IP column set to xpu.iss.net, select the From xpu.iss.net radio button. If it is set to the SiteProtector X-Press Update Server's IP/hostname, select the From the SiteProtector X-Press Update Server radio button. For details about configuring the GX to get updates through SiteProtector, see Technote 1683679: Configuring Network IPS at firmware 4.x to pull updates from SiteProtector .
Is the GX configured to update from xpu.iss.net or from the SiteProtector X-Press Update Server?
Note: If you are unsure how it is configured to update, you can confirm this by opening the Update Settings policy and clicking the License and Update Servers tab. If the highest enabled entry has the Host or IP column set to xpu.iss.net, select the From xpu.iss.net radio button. If it is set to the SiteProtector X-Press Update Server's IP/hostname, select the From the SiteProtector X-Press Update Server radio button. For details about configuring the GX to get updates through SiteProtector, see Technote 1683679: Configuring Network IPS at firmware 4.x to pull updates from SiteProtector .
From xpu.iss.net
- Open the Update Settings policy. If the device is registered with SiteProtector, right-click the agent from the Agent view and select Manage Policy. If the device is not registered with SiteProtector, go to the LMI and access Manage System Settings > Updates and Licensing > Update Settings.
- Click the Advanced Parameters tab and modify the lum.log.level parameter to a value of 6.
- Save and deploy the policy.
- In the LMI, go to Manage System Settings > Updates and Licensing > Administration.
- Click the Check for updates link under Update tools on the left side. For more details about using the Update tools, see the Using update tools documentation.
Note: You can also attempt to install any available updates if any are available. - Now, SSH to the device by using the root credentials and run the command below:
provinfo - After the ProvInfo has been generated, open the Update Settings policy as we did in step 1.
- Click the Advanced Parameters tab and modify the lum.log.level parameter back to the default of 3.
- Save and deploy the policy.
- Finally, we'll need to gather the ProvInfo that was created in step 6 from /var/support/. You need to use an SCP program to retrieve the file. You can use something like WinSCP to grab the file from the appliance.
Send the ".tgz" file to Support by using Enhanced Customer Data Repository (ECuRep) .
From the SiteProtector X-Press Update Server
- Download the udrc.zip file that is attached to this article.
udrc.zip - Unzip the file named .udrc into the appropriate directory below on your X-Press Update Server machine:
\Program Files\ISS\SiteProtector\Application Server\webserver\IHS\
Note: The Windows operating system does not allow users to create a file name starting with a period so you must provide the ".udrc" file to customers in a compressed file. You should not attempt to rename it because the operating system will not allow you change it back to its original form that begins with a period. - Locate the following file and open it with a text editor:
\Program Files\ISS\SiteProtector\Application Server\webserver\IHS\conf\UpdateServer.xml - Find the line that looks like:
<Logging level='ERROR'>
And change it to:
<Logging level='DEBUG'>
Note: The original version of the line might have a word other than ERROR, depending on modifications that previous users have made to the system. - Open Windows Services and restart the SiteProtector Web Server service.
- In the LMI of the GX, go to Manage System Settings > Updates and Licensing > Administration.
- Click the Check for updates link under Update tools on the left side. For more details about using the Update tools, see the Using update tools documentation.
Note: You can also attempt to install any available updates if any are available. - Once the update attempt completes, add the following files to a single compressed file:
- \Program Files\ISS\SiteProtector\Application Server\webserver\IHS\htdocs\XPU\UpdateServer.log
- \Program Files\ISS\SiteProtector\Application Server\webserver\IHS\conf\*.xml
- \Program Files\ISS\SiteProtector\Application Server\webserver\IHS\.udout
- Delete the ".udrc" file and revert the changes that were made in steps 3 and 4.
- Restart the following services:
SiteProtector Web Server
SiteProtector Sensor Controller Service
Important: Failure to follow steps 8 and 9 results in large logs files. This can lead to disk space issues on the system. - Now, SSH to the device by using the root credentials and run the command below:
provinfo - Finally, we'll need to gather the ProvInfo that was created in step 11 from /var/support/. You need to use an SCP program to retrieve the file. You can use something like WinSCP to grab the file from the appliance.
Send the ".tgz" file and the compressed file that was created from step 8 to Support using Enhanced Customer Data Repository (ECuRep) .
Related Information
[{"Product":{"code":"SS9SBT","label":"Proventia Network Intrusion Prevention System"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Updates","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"4.6.1;4.6.2","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
16 July 2021
UID
swg21683680