IBM Support

QRadar: Performing a manual deploy of an individual managed host

How To


Sometimes it is necessary to perform a manual deploy of a malfunctioning managed host when it cannot download replication and processes are failing to start. How can you force the managed host to deploy its Configurationset to address such a problem?


In some instances configuration fails to replicate fully. The configuration files on QRadar can become corrupted or unavailable.
A partially missing, entirely missing, or corrupt Configurationset on a managed host can cause a wide range of issues, including communication problems. Examples of files that fall into this category:
  • nva.conf
  • nva.hostcontext.conf
In most cases, running a full deploy will resolve these problems by rewriting the Configurationset. However, when performing a full deploy from the Console UI or Command-Line, there are not possible or is not practical. In such cases, forcing a local Configurationset transform can be a viable option.


The script /opt/qradar/bin/ makes it possible to force a managed host to transform the Configurationset for its local use, effectively performing a full deploy on the managed host only.

Before You Begin

The script requires the following preconditions to function:

  • The Console is running the Tomcat service.
  • The managed host is running Hostcontext.
  • No current deploy, add or remove managed host actions are in progress.
  1. On the console cd to the Configurationsets directory:
    cd /store/configservices/configurationsets/
  2. Using SCP to copy the following Configurationset files from the Console to the managed host in question:
    scp globalset_list.xml <managedhost ip>:/store/configservices/configurationsets
    Warning: The following command is not to be run on the Console or it will corrupt the Console. 
  3. SSH to the managed host. Run the replication .pl script to replicate the Postgress database on the managed host:
    /opt/qradar/bin/ -download

    Warning: The following command is not to be run on the Console or it will corrupt the Console. 
  4. On the same managed host run the script with the following flags to force a full deploy on the managed host:
    /opt/qradar/bin/ -l -f
    If successful, the output will display the following:
    Starting up...
    Deployment status set to 'Initiating Deployment'
    Deployment status set to 'In Progress'
    Deployment status set to 'Success'
    Deploy Global Set: Done.
    local_transformation: End.

Additional Information

Document Location


[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwtNAAQ","label":"Deployment"}],"ARM Case Number":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"7.3.3;7.4.1"}]

Document Information

Modified date:
07 December 2020