Troubleshooting
Problem
While installing QRadar using an ISO or a USB key an error results. "ERROR: Step One verification of installation has failed. See the log files ks-post.nochroot.log and ks-post.nochroot.err for more details."
Symptom
The ISO image is not loading.
Cause
The ISO image that was used is corrupt, This might happen while downloading or errors creating a boot device, such as a CD or USB key.
Resolving The Problem
To resolve this problem QRadar lists on Fix Cental either an MD5 or SHA256 hash to validate the build.
Using a Linux host for verification of the build
Using a Windows Host for Checksum verification of the build
Using a Linux host for verification of the build
- Use an SCP client such as WinSCP to upload the ISO file to a Linux host.
- From the directory where the QRadar ISO resides run one of theses commands
- To verify the validity of the build by using an MD5 hash,
md5sum <QRadar Version>.iso
Example
md5sum Rhe664QRadar7_2_8_20160920132350.stable-7-2-8.iso
0830119989d1fd470913cd9ba72b39f8 Rhe664QRadar7_2_8_20160920132350.stable-7-2-8.iso
Compare this to the MD5 hash on fix Central. If not correct download the ISO again.
- To verify the validity of the build by using and SHA256 hash,
sha256sum <QRadar Version>.iso
Example: Note hash output is on 2 lines in this example.
sha256sum Rhe764QRadar7_3_1_20171206222136.stable-7-3-1.iso
f281f4cacfc1267c5bea89d2a3d7e530d3b6d000df9fc637fd5379a1e93fed45 Rhe764QRadar7_3_1_20171206222136.stable-7-3-1.iso
Compare this to the <QRadar Version>.SHA256 hash on fix Central. If not correct download the ISO again.
Using a Windows Host for Checksum verification of the build
If you are using a Windows host, there is a built in utility to run a checksum on a file called CertUtil.
To run CertUtil you open a command window as Administrator and enter the command
CertUtil -hashfile InFille HashAlgoritm
Examples
C:\Users\ADMIN\Downloads\ISO>certutil -hashfile Rhe764QRadar7_3_1_20180202182152.stable-7-3-1.iso SHA256
SHA256 hash of file Rhe764QRadar7_3_1_20180202182152.stable-7-3-1.iso:
fa 25 45 b9 48 40 fc f9 49 bf db a5 15 9f b2 c2 ae 02 0f d1 3b 56 4e 30 69 57 9e ab a4 21 3d 22
CertUtil: -hashfile command completed successfully.
C:\Users\ADMIN\Downloads\ISO>certutil -hashfile Rhe664QRadar7_2_8_20160920132350.stable-7-2-8.iso MD5
MD5 hash of file Rhe664QRadar7_2_8_20160920132350.stable-7-2-8.iso:
08 30 11 99 89 d1 fd 47 09 13 cd 9b a7 2b 39 f8
CertUtil: -hashfile command completed successfully.
For more information on CertUtil please look at this article.
Certutil
Results: Use the hash outputs to verify the validity of the QRadar ISO before doing an installation.
Where do you find more information?







[{"Product":{"code":"SSKMKU","label":"IBM QRadar on Cloud"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"General Information","Platform":[{"code":"PF016","label":"Linux"}],"Version":"7.3","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
16 June 2018
UID
swg22013962