IBM Support

QRadar: Error installing QRadar when using an ISO

Troubleshooting


Problem

While installing QRadar using an ISO or a USB key an error results. "ERROR: Step One verification of installation has failed. See the log files ks-post.nochroot.log and ks-post.nochroot.err for more details."

Symptom

The ISO image is not loading.

Cause

The ISO image that was used is corrupt, This might happen while downloading or errors creating a boot device, such as a CD or USB key.

Resolving The Problem

To resolve this problem QRadar lists on Fix Cental either an MD5 or SHA256 hash to validate the build.

Using a Linux host for verification of the build
Using a Windows Host for Checksum verification of the build


Using a Linux host for verification of the build



  1. Use an SCP client such as WinSCP to upload the ISO file to a Linux host.
  2. From the directory where the QRadar ISO resides run one of theses commands
    1. To verify the validity of the build by using an MD5 hash,
      md5sum <QRadar Version>.iso
      Example
      md5sum Rhe664QRadar7_2_8_20160920132350.stable-7-2-8.iso
      0830119989d1fd470913cd9ba72b39f8 Rhe664QRadar7_2_8_20160920132350.stable-7-2-8.iso
      Compare this to the MD5 hash on fix Central. If not correct download the ISO again.


    2. To verify the validity of the build by using and SHA256 hash,
      sha256sum <QRadar Version>.iso
      Example: Note hash output is on 2 lines in this example.
      sha256sum Rhe764QRadar7_3_1_20171206222136.stable-7-3-1.iso
      f281f4cacfc1267c5bea89d2a3d7e530d3b6d000df9fc637fd5379a1e93fed45 Rhe764QRadar7_3_1_20171206222136.stable-7-3-1.iso
      Compare this to the <QRadar Version>.SHA256 hash on fix Central. If not correct download the ISO again.




Using a Windows Host for Checksum verification of the build



If you are using a Windows host, there is a built in utility to run a checksum on a file called CertUtil.
To run CertUtil you open a command window as Administrator and enter the command
CertUtil -hashfile InFille HashAlgoritm

Examples
C:\Users\ADMIN\Downloads\ISO>certutil -hashfile Rhe764QRadar7_3_1_20180202182152.stable-7-3-1.iso SHA256
SHA256 hash of file Rhe764QRadar7_3_1_20180202182152.stable-7-3-1.iso:
fa 25 45 b9 48 40 fc f9 49 bf db a5 15 9f b2 c2 ae 02 0f d1 3b 56 4e 30 69 57 9e ab a4 21 3d 22
CertUtil: -hashfile command completed successfully.

C:\Users\ADMIN\Downloads\ISO>certutil -hashfile Rhe664QRadar7_2_8_20160920132350.stable-7-2-8.iso MD5
MD5 hash of file Rhe664QRadar7_2_8_20160920132350.stable-7-2-8.iso:
08 30 11 99 89 d1 fd 47 09 13 cd 9b a7 2b 39 f8
CertUtil: -hashfile command completed successfully.


For more information on CertUtil please look at this article.
Certutil

Results: Use the hash outputs to verify the validity of the QRadar ISO before doing an installation.


Where do you find more information?

[{"Product":{"code":"SSKMKU","label":"IBM QRadar on Cloud"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"General Information","Platform":[{"code":"PF016","label":"Linux"}],"Version":"7.3","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg22013962

Page Feedback