With IDM 4.6 released, we are completely moving from EAS to Sentinel. This post provides information about migrating the EAS database to a supported PostgreSQL database using the Data Migration Utility v0.1. This post also provides information about cleaning up the migrated database using the Data Cleanup Utility v0.1.
Manual steps of migrating the SIEM schema from EAS Database is a tedious task. This utility will make it easy for anyone who wants to migrate the EAS DB to PostgreSQL 9.6.1. Sentinel and Identity Reporting 5.5.0 can utilize the migrated database to populate data on to the Reports.
You will see the screen below when you run the script:
Enter EAS Server Details-
EAS IP [127.0.0.1]: Enter the IP address of the EAS server.
EAS Port : Click enter if the EAS DB is running on port 15432. If it is not running on 15432, enter the port on which it is actually running upon.
Password for dbauser: Enter the password of the dbauser.
Ensure you have the new Postgres already installed before proceeding with the step below:
Enter new Postgres Server Details-
Postgres IP [127.0.0.1]:
Postgres Port :
Password for Postgres: Enter the password that was given to the postgres user while installing postgres9.6.1
If you want the password for any/all of the roles below to have the same password of the postgres user, simply click enter. The same password will be applied to the respective user.
Password for user dbauser [Same as postgres]:
Password for user idmrptuser [Same as postgres]:
Password for user admin [Same as postgres]:
Password for user appuser [Same as postgres]:
Password for user idmrptsrv [Same as postgres]:
Password for user rptuser [Same as postgres]:
Specify Yes if you want the sendata1 Tablespace to be created in the new Database. Specify No if you do not want the sendata1 Tablespace to be created in the new Database. If the new database is installed on windows, then ensure to give the ‘\\’ in the path as shown below:
EAS uses TABLESPACE sendata1 for storing the events. Do you want to create the TABLESPACE sendata1 in the new Database (yes/no):
TABLESPACE location [C:\\NetIQ\\IdentityManager\\apps1\\postgres\\data\\base\\N2]:
Specify Yes if you want to migrate SIEM_WF database to the new postgres database. Specify No and continue if you do not want to migrate the SIEM_WF database:
Do you want to migrate SIEM_WF Database (yes/no):
Here comes the final step before the migration begins. Cross check all the details in the Pre-migration summary are correct to proceed:
EAS Server IP: XXX.XX.XXX.XXX
EAS Server Port: 15432
Postgres Server IP: YYY.YY.YYY.YYY
Postgres Server Port: 5432
DB’s to migrate: SIEM, SIEM_WF
Additional Actions : Add Role(s) : dbauser, idmrptsrv, idmrptuser, admin, appuser, rptuser, esec_user, esec_app
Specify Yes and continue to start the migration and No to abort the Migration:
Continue with migration (yes/no):
This is what appears once the Migration begins. Migration may take some time based on the size of your EAS Database. In case you see any errors during the process, the log file at /home/novleas/log/eas_migrate.log will have the information about it.
Ensure the Migration is successful from pgAdmin:
Add your postgres server to pgAdmin and double click on the added server. Expand the server and notice SIEM, SIEM_WF databases, sendata1 tablespace and all the login roles are available:
Once the migration is complete, you can go ahead and start installing the latest Identity Reporting and connect it to the migrated SIEM Database. Run the Data Synchronization utility after installing the Identity Reporting to create a policy on Sentinel. This policy on Sentinel will forward the audit events to the SENTINEL_EVENTS table in the migrated SIEM database.
Clean up the Migrated Database:
Follow the steps below only if you want to clean up the database. eas_cleanup.sh utility at /home/novleas will help you clean up the new Postgres database. Before you start with the cleanup, ensure no user is accessing the database.
You will see the screen below once you run the eas_cleanup utility:
Enter Postgres Server Details-
Postgres IP [127.0.0.1]: Enter the IP address of the server where postgres9.6.1 was installed.
Postgres Port : Enter the port on which the postgres9.6.1 is running on.
Password for postgres: Enter the password of the postgres user and continue.
Here comes the final step before the clean up begins. Cross check if all the details in the Summary below are correct and then continue.
Server IP: YYY.YY.YYY.YYY
Server Port: 5432
DB to cleanup: SIEM, SIEM_WF
Specify Yes to continue the clean up and No to abort the process:
Continue with cleanup (yes/no):
The migrated database is now cleaned up.
Disclaimer: As with everything else at NetIQ Cool Solutions, this content is definitely not supported by NetIQ, so Customer Support will not be able to help you if it has any adverse effect on your environment. It just worked for at least one person, and perhaps it will be useful for you too. Be sure to test in a non-production environment.