Migrating from Traffic Server 4 to Traffic Sentinel
InMon Traffic Sentinel is now available for download. Since there are significant differences between Traffic Server and Traffic Sentinel, one of the following three migration strategies is recommended:
- Option 1: Turn off ITSv4 and install Traffic Sentinel
- Option 2: Continue running ITSv4 and install Traffic Sentinel to run in parallel on the same server
- Option 3: Continue running ITSv4 and install Traffic Sentinel to run in parallel on a different server
- Install Traffic Sentinel
- Confirm that it is running by connecting to it on the url <myserver>/inmsf/
- Add the following lines to the file /usr/local/inmsf/etc/config/global.prefs:
SFlowSamplePort = 7343 IPFIXPortsToOpen = 0 XRMONPortsToOpen = 0 NetFlowPortsToOpen = 0
- Restart the data collection processes on the Traffic Sentinel File>Control page.
- Connect to the ITSv4 product on the url <myserver>/its/ and add the following entry to the Server>Forwarding page to select all agents and forward their measurement data to Traffic Sentinel in sFlow® format:
Agent=0.0.0.0/0, Address=localhost, Port=7343
- Now go back to Traffic Sentinel on <myserver>/inmsf/ and configure as normal.
- Install Traffic Sentinel on the new server
- Connect to the ITSv4 server and add the following entry to the Server>Forwarding page to select all agents and forward their measurement data to Traffic Sentinel in sFlow® format:
Agent=0.0.0.0/0, Address=<new server IP address>, Port=6343
- Now go back to Traffic Sentinel on <myserver>/inmsf/ and configure as normal.
- If Traffic Sentinel is running on a new server, then copy the old ITSv4 configuration file to /usr/local/inmon/server/config/inmon.ini on the new server (creating directories as needed using the command: mkdir -p /usr/local/inmon/server/config).
- Run the following commands:
- cd /usr/local/inmsf/bin
- ./convertCFG
This script will parse the old config file to extract the zone and subnet hierarchy, and will then merge that information into the new XML configuration. You will be prompted for the administrator password, so that it can submit the new configuration using an HTTP POST operation.
- Back on the Traffic Sentinel web interface you should see that your old [zone],[subnet] hierarchy is now appearing in Traffic Sentinel as <zone>, <group> and <subnet> (CIDR) entries.
- Additional configuration options like thresholds and protocol-groups are not converted by this process. Please consult the on-line help for details on how to add the equivalent settings to the Traffic Sentinel product.
- If Traffic Sentinel is installed on a separate server, set up a read-only nfs mount (or copy all the files) so that the directory /usr/local/inmon/server/data/historyData contains a view of the same directory on the ITSv4 server.
- Run the following commands:
- cd /usr/local/inmsf/bin
- ./convertDB
The script will start converting data, starting with the most recent and working backwards. It may take many hours to completely convert all the TCP/IP data from your ITSv4 database. When it is complete you should be able to run hourly, daily, weekly and monthly reports on Traffic Sentinel against the TCP/IP traffic history.
- service inxtskd stop
- service inxjsvd stop
- chkconfig --del inxtskd
- chkconfig --del inxjsvd
Running Traffic Sentinel in parallel on the same server
To run both products on the same server, follow these steps:
Running Traffic Sentinel on a new server
To run Traffic Sentinel on a new server, and keep ITSv4 running too, follow these steps:
Migrating configuration from ITSv4 to Traffic Sentinel
The configuration file for Traffic Sentinel is in XML format. There is a tool that comes with Traffic Sentinel to help convert your ITSv4 configuration to Traffic Sentinel format. Here are the steps:
SFlow and XRMON devices auto-configured via SNMP
If you create <agent> or <agentrange> sections in your Traffic Sentinel configuration file and those agents support the sFlow or HP XRMON MIBs (and data for those devices is not already being forwarded from ITSv4), then Traffic Sentinel will attempt to configure those agents via SNMP using the community string supplied. If those devices are currently reserved by the ITSv4 server (or another application) then they will be listed on the Server>Status page under "Other Manager" and will not be acquired. If you want Traffic Sentinel to take over the monitoring, set the use force option in those <agent> and <agentrange> settings, and then initiate a new discovery scan using the button on the Server>Control page.
Migrating traffic history from ITSv4 to Traffic Sentinel
Traffic history is stored very differently in Traffic Sentinel than in ITSv4, with flows of all protocols being stored together in a rich structure, instead of in different files. Nevertheless, there is a tool that comes with Traffic Sentinel to import the TCP,UDP and ICMP traffic history into the Traffic Sentinel database. Here are the steps:
Turning off ITSv4
If and when you decide to turn off ITSv4, it is recommended that you do not immediately remove all the ITSv4 files. You will be able to convert much of the ITSv4 configuration and traffic history to the Traffic Sentinel format, so those files can be removed later when that step is complete. The only steps that are necessary to stop ITSv4 from running are:
If you subsequently decide to remove the ITSv4 files, you can use the inmon_remove script that comes with the ITSv4 installation download. It will also remove the inmon_inx and inmon_web rpms, remove the apache config file link /etc/httpd/conf.d/inmon_httpd.conf and remove all the file under /usr/local/inmon.