Changing ArcSight Platform Configuration Properties

Reconfiguring properties causes the capabilities related to the property to stop and restart and this might cause operations underway to fail. Therefore, ensure that effected capabilities that cannot be easily retried are not running when you reconfigure any of these properties. For example, check the pod logs to see what operations are underway.
(For Intelligence) Check the Analytics pod logs to see if Analytics is already running by executing the following commands on any of the nodes:

export NS=$(kubectl get namespaces |grep arcsight|cut -d ' ' -f1)

kubectl -n $NS logs <interset-analytics-pod>

To change ArcSight Platform configuration properties:

  1. Open a certified web browser.
  2. Specify the following URL to log in to the CDF Management Portal: https://<cdf_masternode_hostname or virtual_ip hostname>:5443.
  3. Select Deployment > Deployments.
  4. Click ... (Browse) on the far right and choose Reconfigure. A new screen will be opened in a separate tab.
  5. Update configuration properties as needed.
  6. Click Save.

All services in the cluster affected by the configuration change will be restarted (in a rolling manner) across the cluster nodes.

(For Intelligence) If you are specifying details under the Hadoop File System (HDFS) Security section, consider the following:

  • (Conditional) If you are enabling Kerberos Authentication for the first time, then, before selecting kerberos in Enable Authentication with HDFS Cluster, ensure you configure the Kerberos Authentication. For more information, see Enabling and Configuring Kerberos Authentication.

  • (Conditional) If you need to modify the Kerberos details, ensure that you first enable and configure Kerberos Authentication with the new Kerberos details.

  • The Kerberos details that you provide in Kerberos Domain Controller Server, Kerberos Domain Controller Admin Server, Kerberos Domain Controller Domain, and Default Kerberos Domain Controller Realm will be considered only if you select kerberos in Enable Authentication with HDFS Cluster. They are not valid if you select simple.

  • If you are enabling Kerberos Authentication, then you must enable Enable Secure Data Transfer with HDFS Cluster.
    If you disable Enable Secure Data Transfer with HDFS Cluster, the database and HDFS will use the same communication standard as Intelligence 6.2.

  • If you have enabled Enable Secure Data Transfer with HDFS Cluster and if you have a non-collocated database cluster, log in to a database node, and copy the RE CA certificate from the CDF master node to /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem. Repeat this step on all the database nodes.

(For Intelligence) The updated configuration properties related to analytics and Hadoop File System (HDFS) security in the Intelligence tab are considered only in the next Intelligence analytics run. If you have modified Enable Secure Data Transfer with HDFS Cluster and if HDFS namenode enters the safe mode when you run analytics, perform step 8 of Configuring HDFS Security in CDF