Post-upgrade tasks

Where you are in the Upgrade process

1. Ensure that TrueSight Smart Reporting - Platform is upgraded to version 20.02.01. For more information, see 

   Upgrading TrueSight Smart Reporting - Platform .

2. If you have disabled the NSH proxy on the reports server before upgrade, enable it by adding the appserver_protocol=ssoproxy in the secure file. Use the following command to add the entry:
   

   secadmin -m default -p 5 -appserver_protocol ssoproxy

3. If you are upgrading from TrueSight Server Automation - Data Warehouse 8.9.04.002, delete the existing scheduled cache filters.

    Do the following:

   1. Open TrueSight Smart Reporting - Platform login page by accessing the following URL:
      https://<hostname>:port/tsr
   2. From the Log in as list, select TrueSight Smart Reporting - Platform-Admin.
   3. In the User Name and Password fields, enter the TrueSight Smart Reporting - Platform admin credentials, and click Log in.
      
      • Default user name: admin
      • Default password: admin12345
   4. From the top-right corner of the page, select Admin Console.
   5. From the Multi-tenant Login list, select TrueSight Server Automation - Data Warehouse, and click Log in.
      
   6. In the left pane, select Administration > Schedule Management.
   7. From the filter type list, select Cached Filter Refresh. The default value is All Types.
   8. Click Select All > Delete.
   9. On the confirmation window that displays a list of scheduled cache filters, click OK.
      All the scheduled cache filters are deleted.

4. Update the TrueSight Server Automation - Data Warehouse component content. For more information, see Getting the latest views in TrueSight Smart Reporting - Platform.

5. Refresh the access filter list in TrueSight Smart Reporting - Platform.

    Do the following:

   1. Use the following URL to open the TrueSight Smart Reporting - Platform login page:
      https://<hostname>:port/tsr 
   2. In the Log in as list, select TrueSight Smart Reporting - Platform Admin.

   3. In the User Name and Password fields, enter the TrueSight Smart Reporting - Platform administrator credentials.

   4. Click LOG IN.
   5. In the upper right corner, click your profile, and click Admin Console.
   6. Select the component administrator in the Multi-tenant Login list and click Login.
   7. Click the menu icon in the upper left corner, and then click Administration > Admin console > Data Sources.
   8. In the Data Sources panel, click the component datasource.
   9. Click Access Filters.
   10. Perform the following steps for all the access filters.
       1. Click an access filter from the list of available access filters.
       2. In the Settings panel, toggle New User Auto Refresh. The access filters are updated when new users are added to the component. 
       3. Click Submit. 
       4. Click Done. 

6. Enable the authentication types that you disabled before the upgrade:

   1. On the reports server, start the Application Server Administration console (the blasadmin utility) as follows.
      
      • (Windows) Navigate to the <TSSA-DWInstallationDirectory>\bin directory and enter the following command: blasadmin.
      • (UNIX) Navigate to the <TSSA-DWInstallationDirectory>/br directory and enter the following command: blasadmin.

   2. Run the following commands to enable the authentication types:

      Authentication type	Command to enable the authentication
      RSA Secure ID	set AuthServer IsSecurIDAuthEnabled true
      LDAP	set AuthServer IsLdapAuthEnabled true
      PKI	set PkiAuth IsEnabled true

      For information about the authentication types, see Implementing authentication.

7. Do the following for restoring the RSA Secure ID authentication:
   1. Restore the following file that you backed up during the pre-upgrade tasks:
      <TSSA-DWInstallationDirectory>/br/sdconf.rec
   2. Run the following command:
      chown blauth:blauth sdconf.rec
   3. Run the syncFile command.

8. Import the TrueSight Smart Reporting - Platform certificate into TrueSight Server Automation - Data Warehouse for secure communication.

   1. Run the following command to export the certificate from the TrueSight Smart Reporting - Platform keystore:

      keytool -export -alias smartreporting -keystore <tssr_installation_directory>/appserver/conf/tsr.keystore -rfc -file tsr.cert

      The tsr.cert file is created in the same directory where the keytool was run.

      If TrueSight Server Automation - Data Warehouse and TrueSight Smart Reporting - Platform are installed on different systems, copy the tsr.cert file to the server where TrueSight Server Automation - Data Warehouse is installed.

   2. Run the following command to import the tsr.cert file into the TrueSight Server Automation - Data Warehouse keystore.

      keytool -import -v -trustcacerts -alias tsr -file <path_where_tsr.cert_is_copied>/tsr.cert -keystore <tssadw_installation_
      directory>/jre/lib/security/cacerts -keypass changeit -storepass changeit

   3. Restart the following services:
      
      • TrueSight Server Automation - Data Warehouse
      • Authentication Service

9. If you backed up the user roles and permissions related file at the following path before the upgrade, restore it:
   <TSSA-DWInstallationDirectory>\shared\ConfigurationManagement\user_roles.csv

10. If you backed up the CA-signed certificates before the upgrade, do the following to restore them:

    1. Replace the keystore.jks (for example, tssadw-keystore.jks) file at the following path with the file that you backed up before the upgrade:
       <TSSA-DWInstallationDirectory>/tomcat/conf/

    2. Open the server.xml file and edit the following parameters:
       1. In the Connector port=9443 section, update the keystore file name and password:
          
          • keystoreFile="<tssa_dw_installation_directory>\tomcat\conf\tssadw-keystore.jks"
          • keystorePass="<encryptedpassword>"
       2. Save the changes.

11. (For PKI authentication) Do the following:

    1. Restore the backed-up PKI truststore at the following path:
       <tssadw_installation_directory>/br/
    2. Replace the bdsSslCertificate.cert file at the following path with the file that you backed up before the upgrade:
       <TSSA-DWInstallationDirectory>/tomcat/conf/
    3. Open the server.xml file and modify the following parameters in the SSL connector block:
       
       • truststoreFile="C:\PROGRA~1\BMCSOF~1\TSSA-DW/br/PkiTrustStore.jks"
       • truststorePass=The password that is used for the truststore in the blenc format.
       • clientAuth="true"
    4. Save the changes.
       
12. Restart the following services:
    
    • TrueSight Server Automation - Data Warehouse
    • Authentication Service

13. NEW IN 20.02.01 Enable the display of the following dashboards: Inventory, Compliance, Patch, Job Activity, and Health. These dashboards are displayed after logging in to the TrueSight Server Automation - Data Warehouse console.
    

     Do the following:

    1. Log in to the TrueSight Smart Reporting - Platform console as a platform admin user.
    2. Click AdminConsole.
    3. Navigate to Administration > Admin Console > User Groups.
    4. Click Add.
       
       
    5. Under Group Details, do the following:
       1. Provide a name and description for a dashboard user.
       2. Select the group status value as Active.
    6. Under Default Dashboard tabs, do the following:
       1. From the Dashboard Tab list, select Inventory Dashboard, and click Add.
       2. Repeat this step to add the Compliance, Patch, Health, and Job Activity Dashboards.
    7. Under Member Selection, search for TrueSight Manage Reports, and select it.
       
    8. Save the changes.
    9. If you have existing dashboards, do the following:
       1. Log out of the TrueSight Smart Reporting - Platform console.
       2. Log in to the TrueSight Server Automation - Data Warehouse console as a reporting user.
       3. Remove all the existing dashboards.
       4. Log out of the TrueSight Server Automation - Data Warehouse console and log in again.
          

14. (Optional) If you want to see data for the following assets in the built-in and custom inventory reports, enable them in the database after the first ETL run. 

    • File System
    • Registry
    • .NET Assemblies
    • Object Overflow
    For more information, see Enabling Inventory assets.
15. Run the extract, transform, and load (ETL) process to transfer data from all sites to the reports data warehouse. For more information, see Run the extract, transform, and load (ETL) process.
    

Where to go from here

See the product documentation to learn about the product features.