Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Upgrading log collector service from ACS 5.3 to 5.4

 

 

Introduction:

This document describes procedure of upgradation of Log Collector service from ACS 5.3 to 5.4

 

 

If you have either ACS 5.2 or ACS 5.3 installed on your machine, you can upgrade to ACS 5.4 using one of the following two methods:

  • Upgrading an ACS Server using the Application Upgrade Bundle
  • Reimaging and Upgrading an ACS Server

 

Prerequisites:

  • Only application upgrade can be performed, on either a Cisco appliance or a virtual machine, if the disk size is greater than or equal to 500 GB. If a smaller disk size, you need to reimage to ACS 5.4 followed by a restore of the backup taken in ACS 5.2 or ACS 5.3 version to trigger the upgrade.
  • When you upgrade from ACS 5.3, it is mandatory to have previously installed a minimum patch version of 5.3.0.4.6 prior to the upgrade or the upgrade will fail.

 

Upgradation ACS 5.3 deployment to 5.4:

 

Upgrading the Log Collector Server

 

To upgrade a log collector server to ACS 5.4, complete the following steps:

 

Step 1 Choose any secondary server to become a log collector:

 

  1. From the primary ACS server, choose System Administration > Configuration > Log Configuration > Log Collector.
  2. From the Select Log Collector Server drop-down list, choose the new secondary instance to be the log collector, and click Set Log Collector.

 

The ACS services of the new secondary log collector are restarted.

 

Step 2 Enter the show application status acs command in EXEC mode to check whether all process are up and running successfully, and press Enter.

 

Step 3 Deregister the old log collector server from the deployment, and delete it from the ACS 5.3 primary server, so that it is now a standalone server:

 

  • From the web interface of the ACS 5.3 primary server, select System Administration > Operations > Distributed System Management.
  • From the Secondary Instances table, check the check box next to the secondary instance that you want to deregister.
  • Click Deregister.
  • Click OK.

 

The secondary instance (old log collector) services are restarted.

 

  • From the Secondary Instances table, check the check box next to the deregistered secondary instance that you want to delete.
  • Click Delete.

 

The following message appears:

Are you sure you want to delete the selected item/items?

 

  • Click OK.

 

The Secondary Instances table on the Distributed System Management page appears without the deleted secondary instance.

 

  • Log into the ACS 5.3 secondary server.
  • Select System Administration > Operations > Distributed System Management.
  • From the Secondary Instances table, check the check box next to the deregistered secondary instance that you want to delete.
  • Click Delete.
  • Click OK.

 

The Secondary Instances table on the Distributed System Management page appears without the deleted secondary instance.

 

Step 4 Back up the log collector data:

 

From the ACS CLI, enter the following backup command in the EXEC mode to perform a backup and place the backup in a remote repository:

backup backup-file-name repository repository-name.

 

Step 5 Upgrade the old ACS log collector:

 

Use the procedure in Upgrading an ACS Server from 5.3 to 5.4.

 

When ACS processes of the 5.4 log collector server are up and running, you need to confirm once if the upgrade processes are completed successfully or not from the Monitoring and Report Viewer, choose Monitoring Configuration > System Operations > Data Upgrade Status page. The Data Upgrade Status page appears, indicating the status of the Monitoring and Report Viewer data upgrade.

 

When the database upgrade completes, ACS displays the following message:

 

Upgrade completed successfully.

 

Now the old log collector is upgraded to 5.4 and functions as the ACS 5.4 standalone primary server, as well as a log collector.

 

Step 6 Define the 5.4 log collector as a remote log target for the 5.3 deployment.

 

  • Select System Administration > Configuration > Log Configuration > Remote Log Targets.
  • Click Create.
  • Enter the values for the following fields:

             Name—The name of the remote log target. Maximum length is 32 characters.

             Description—(Optional) A description of the remote log target. Maximum description length is 1024 characters.

             Type—The type of remote log target. Syslog is the only option.

              IP Address—IP address of the remote log target, in the format x.x.x.x. Specify the IP address of the 5.4 log collector server.

              Use Advanced Syslog Options—Click to enable advanced syslog options, which include port number, facility code, and maximum length.

              Port—The port number of the remote log target that is used as the communication channel between the ACS and the remote log target                        default is 514). Enter 20514 for the port number.

              Facility Code—(Optional) Choose an option from the Facility Code drop-down list box.

              Maximum Length—The maximum length of the remote log target messages. Valid options are from 200 to 1024.

 

  • Click Submit.

The remote log target configuration is saved. The Remote Log Targets page appears with the new remote log target configuration.

 

Now, the authentication details from the 5.3 deployment are logged in both the 5.3 and 5.4 log collector servers.

 

Step 7 On the 5.3 primary server, configure the appropriate logging categories for the remote log target:

  • a. Select System Administration > Configuration > Log Configuration > Logging Categories > Global.
  • b. Click the name of the logging category you want to configure;
  • c. In the General tab, complete the following fields:

Log Severity—Use the drop-down list box to select the severity level. Valid options are FATAL, ERROR, WARN, INFO, and DEBUG.

Log to Local Target—Check to enable logging to the local target.

Local Target is Critical—Check the check box to make this local target the critical target. Usable for accounting and for AAA audit (passed           authentication) logging category types only.

  • Click the Remote Syslog Target tab and choose Remote Targets to view the logs.
  • Click Submit.

 

The Logging Categories page appears, with your configured logging category.

 

Upgrading the Secondary Servers:

To upgrade each 5.3 secondary server in your deployment to 5.4:

 

To ensure that you preserve the local certificates of the secondary server, you should promote each secondary server to the primary role, and then perform the ACS 5.4 upgrade.

 

Upgrading the PKI Data and Certificates.

 

Before upgrading a secondary ACS server, ensure that the server is not inactive and that it is not in local mode.

Step 1 Verify if the secondary server is a log collector. If so, change the log collector server to any other secondary server; else, proceed to Step 2.

 

  • From the 5.3 primary server, select System Administration > Configuration > Log Configuration > Log Collector.
  • From the Select Log Collector drop-down list box, choose a different server to configure as a log collector.
  • Click Set Log Collector.

 

Step 2 Deregister the secondary server from the 5.3 deployment and delete it from the ACS 5.3 primary server, so that it now becomes a standalone server:

  • Select System Administration > Operations > Distributed System Management.
  • From the Secondary Instances table, check the check box next to the secondary instance that you want to deregister.
  • Click Deregister.
  • Click OK.

 

The ACS machine restarts.

 

  •   Log into the ACS 5.3 primary server.
  •   Select System Administration > Operations > Distributed System Management.
  •   From the Secondary Instances table, check the check box next to the secondary instance that you want to delete.
  •   Click Delete.
  •   Click OK.

 

The Secondary Instances table on the Distributed System Management page appears without the deleted secondary instance.

 

  •    Log into the ACS 5.3 secondary server.
  •    Select System Administration > Operations > Distributed System Management.
  •    From the Secondary Instances table, check the check box next to the deregistered secondary instance that you want to delete.
  •    Click Delete.
  •    Click OK.

 

The Secondary Instances table on the Distributed System Management page appears without the deleted secondary instance.

 

Step 3 Back up the secondary server data.

From the ACS CLI, issue the following backup command in EXEC mode to perform a backup and place the backup in a repository:

 

                    backup backup-name repository repository-name

 

Step 4 Upgrade the ACS server to 5.4. See Upgrading an ACS Server from 5.3 to 5.4.

 

Step 5 Register the secondary server to the ACS 5.4 primary server.

  •     Select System Administration > Operations > Local Operations > Deployment Operations.

 

      The Deployment Operations page appears.

 

  •      Complete the following mandatory fields under the Registration dialog box:

       Primary Instance—The hostname of the 5.4 primary server that you wish to register the secondary instance with.

       Admin Username—Username of an administrator account.

       Admin Password—The password for the administrator account.

       Hardware Replacement—Check to enable the existing ACS instance to re-register with the primary instance and get a copy of the configuration that is already present in the primary instance.

       Recovery Keyword—Specify the same hostname that was used in the 5.3 deployment to ensure that you associate this secondary server with the Monitoring and Report data that was collected earlier.

 

  •       Click Register to Primary.
  •       Click OK.

 

ACS will restart automatically. Wait for some time to make sure that all processes are up and running successfully.

 

To verify the status, from the web interface of the secondary server, select

  • System Administration > Operations > Local Operations and check the status of the secondary ACS server.

Reference:

Log Collector Service Info

Version history
Revision #:
2 of 2
Last update:
‎08-29-2017 03:21 AM
Updated by:
 
Labels (1)
Contributors