The optimal version of the DSA utility differs based Operating systems and appliance Model types. QRadar® 7.2.x uses a different build than QRadar 7.3.x. M5 and M6 appliances require a higher version of the DSA to pull a full report, than M3 and M4 appliances. This technote lists the builds recommended for your base Operating System and Appliance type.
Dynamic System Analysis (DSA) for Lenovo x86 servers collects and analyzes system information to aid in diagnosing system problems. DSA collects information about the following aspects of a system:
- System configuration
- Installed applications and hot fixes
- Device drivers and system services
- Network interfaces and settings
- Performance data and running process details
- Hardware inventory, including PCI information
- Vital product data and firmware information
- SCSI device sense data
- ServeRAID configuration
- Application, system, security, ServeRAID, and service processor system event logs
- Additionally, DSA creates a merged log that allows users to easily identify cause-and-effect relationships from different log sources in the system.
- IMM Configuration information
- IMM Enviromentals information
- Option card driver and firmware information
- FoD Activation Key
DSA Portable Edition expands to temporary space on the target system, runs, and deletes all intermediate files after execution completes. Its design and packaging allow it to collect system information in sensitive customer environments with only temporary use of system resources.
Diagnosing The Problem
If you use the wrong version of the DSA utility you might see a message similar to this displayed:
This system is not supported by this version of DSA. You might need to download an update for DSA to support this system. Use the -? or -h parameter for more information about downloading updates. Do you want to proceed anyway (function may be limited)? (Y/N)
If you select YES (Y), the DSA utility can collect data; however, the information gathered by older versions might be limited.
Resolving The Problem
To resolve this issue:
- Using the table download the version of the DSA utility that is correct for your version of QRadar and Appliance type.
DSA Versions QRadar Version Operating System Appliance Type DSA build Pre-Installed Download link QRadar 7.2.x RHEL 6 M3/M4 ibm_utl_dsa_dsyte1d-9.61_portable_rhel6_x86-64.bin Yes Included in /opt/qradar/support QRadar 7.2.x RHEL 6 M5+ lnvgy_utl_dsa_dsala7k-10.5_portable_rhel6_x86-64.bin No https://download.lenovo.com/servers/mig/2019/04/12/19994/lnvgy_utl_dsa_dsala7k-10.5_portable_rhel6_x86-64.binQRadar 7.3.xQRadar 7.4.x RHEL 7 M3 ibm_utl_dsa_dsyte1d-9.61_portable_rhel7_x86-64.bin No ibm_utl_dsa_dsyte1d-9.61_portable_rhel7_x86-64.binQRadar 7.3.xQRadar 7.4.x RHEL 7 M4/M5 lnvgy_utl_dsa_dsala7k-10.5_portable_rhel7_x86-64.bin No https://download.lenovo.com/servers/mig/2019/04/12/19995/lnvgy_utl_dsa_dsala7k-10.5_portable_rhel7_x86-64.bin QRadar 7.4.x RHEL 7 M6 lnvgy_utl_lxcer_onecli01w-2.7.0_rhel_x86-64.rpm Yes*Included in /opt/lenovo/lnvgy-utl-lxce-onecli/dsa
*OneCLI was added in 7.4.0 Fix Pack 1. For 7.4.0 and earlier versions of QRadar, the current version of OneCLI can be downloaded here: Lenovo XClarity Essentials OneCLI. Look for the Linux RPM compatible with your QRadar deployment. For example: lnvgy_utl_lxcer_onecli01h-3.0.1_rhel_x86-64.rpm
- Do not delete the ibm_utl_dsa_dsyte1d-9.61_portable_rhel6_x86-64.bin file from /opt/qradar/support. An upgrade or patches might still require this file to be present.
- If the optimal DSA is not preinstalled, acquire and upload the recommended DSA utility to the host where you will be running it.
- Copy the DSA utility by using WinSCP or other SCP tool to the /opt/qradar/support/ directory on the Console.
- Using SCP move the DSA utility to the affected appliance:
scp /opt/qradar/support/lnvgy_utl_dsa_<version>_rhel7_x86-64.bin <IP_of_Appliance>:/opt/qradar/support
- Set the permissions of the file to be executable, type:
chmod 755 /opt/qradar/support/lnvgy_utl_dsa_<version>_rhel7_x86-64.bin
- If OneCLI is not installed, acquire and upload the OneCLI utility to the host where you will be running it.
- Copy the OneCLI utility by using WinSCP or other SCP tool to the /tmp directory on the Console.
- Using SCP move the OneCLI utility to the affected appliance:
scp /tmp/<DSA_build>_x86-64.bin <IP_of_Appliance>:/tmp/
- SSH to the host and use YUM to install the RPM:
yum -y install /tmp/lnvgy_utl_lxcer_onecli<version>_rhel_x86-64.rpm
- Type the path and file name to run the DSA utility
- DSA: /opt/qradar/support/lnvgy_utl_dsa_<version>_rhel7_x86-64.bin
- OneCLI: /opt/lenovo/lnvgy-utl-lxce-onecli/dsa
The output location of the log will depend on which version is run:
- 9.61 writes the log to: /var/log/IBM_Support/
- 10.5 and OneCLI writes the log to: /var/log/Lenovo_Support/
Keep all of the DSA result files from the appliance, as they may be needed for future Hardware troubleshooting.
25 February 2021