How to manually update HashDB for Security Analytics

book

Article ID: 168738

calendar_today

Updated On:

Products

Security Analytics

Issue/Introduction

The Solera HashDB is enabled by default. Some may want to manually update the HashDB offline.

Resolution

You may manually change the HashDB using the procedure below, 

1. First, backup the original hash database in case something goes wrong or you want to restore it. 
cp /usr/share/solera/md5-hash.bdb /usr/share/solera/md5-hash.bdb.orig 

2. Open script, review self-help comments. Run the attached script against your MD5 hash list. 

3. Copy the new customhashdb.bdb over the existing /usr/share/solera/md5-hash.bdb. 

4. On Security Analytics, issue the command below,

a) Flush the redis cache.  
redis-cli flushall 

b) Stop capture.
scotus stop 

c) Start capture.
scotus start