Update to nJAMS Server 5.1, while upgrading Elasticsearch 6 to 7

Update to nJAMS Server 5.1, while upgrading Elasticsearch 6 to 7#

When you are on nJAMS Server 5.0 using Elasticsearch 6, the following steps have to be executed in order to update to nJAMS Server 5.1, while upgrading Elasticsearch 6.4 / 6.8 to 7.7:

Caution

Before starting, make sure that your current Elasticsearch 6 cluster is ready to be updated to version 7, i.e., that all indexes are version 6 indexes.

  1. Stop Indexer and stop Data Provider(s) of your current nJAMS Server 5.0 instance

  2. Upgrade Elasticsearch cluster 6.4 / 6.8 to version 7.7

  3. Update to nJAMS Server 5.1 by deploying update package (WAR) file including eventual plugin update packages

  4. Optional - Re-index Elasticsearch Indexes from format v6 to v7

Upgrade procedure step by step:

(A) Stop Indexer and Data Provider(s):
  1. Login to nJAMS GUI as nJAMS Administrator

  2. Go to Administration > System Control > Message Processing and stop all Data Providers

  3. Go to Administration > Connections > Indexer and stop Indexer

  4. On the same page change the port number(s) of the configured cluster node(s) from the old transport-client ports (usually 9300) to the according http port (usually 9200) used by the REST client.

  5. Save the update configuration.

(B) Upgrade Elasticsearch Cluster to version 7.7:
  1. Refer to Elasticsearch documentation to learn about upgrading Elasticsearch

  2. Download Elasticsearch 7.7

  3. Upgrade Elasticsearch 6.4.x / 6.8.x to Elasticsearch 7.7.x

(C) Update to nJAMS Server 5.1:
  1. Login to nJAMS GUI and go to Administration > System Control > Deployment

  2. UPLOAD file Elasticsearch 7 version of njams_server_es7_5.1.x.war. If applicable, also upload update packages of the plugins you use. Plugins are converted into features during the update process and are automatically unlocked.

    Note

    On Windows Server 2016 it may be required to turn off real-time protection before uploading WAR file. In case uploading fails, please turn off RTP of Windows Server 2016 for the time of the upload.

  3. Click on RESTART to deploy the upgrade and restart nJAMS Server

  4. Once nJAMS Server is updated and up again, Login with your nJAMS administrator account, go to Administration > Connections > Indexer, and make sure the ports of all Elasticsearch Nodes are changed from 9300 to 9200. Changing ports is required, since nJAMS Server now uses Java Rest Client of Elasticsearch rather than previous Transport Client.

  5. Restart Indexer and Data Provider(s)

nJAMS Server 5.1 is ready to continue processing log messages.

(D) Optional - Re-index existing indexes:

This step is optional. You can re-index the indexes from Elasticsearch format v6 into v7. If you just want to search for process executions, filtered by time or domain object, you can skip this step. If you want to be able to search for event data of the past like payload, stacktrace, activity duration, etc., you have to re-index all existing indexes.

Please refer to chapter How to re-index existing indexes for more informaton.