XProtect® 2018 R3 (12.3a) introduces a new Log Server, where server logs are stored differently than before. It is important to note that upgrading to 2018 R3 from an older XProtect version (2018 R2 or earlier version) will not delete existing logs, but it will be impossible to read them in the newer XProtect Management Client. This article provides detailed information for cases when you want your current server logs to be accessible after upgrading your system to 2018 R3.
ANSWER
Milestone XProtect® 2018 R3 (12.3a) introduces a new Log Server, where server logs are stored differently than before. This affects system, audit, and rule-triggered logs.
It is important to note that upgrading to 2018 R3 from an older XProtect version will not delete existing logs, but it will be impossible to read them in the newer XProtect Management Client.
Server log compatibility setting
The installer asks whether the system should continue receiving server log data from 2018 R2 and earlier components. This is because the new Log Server, introduced in version 2018 R3, by default requires a new and more secure communication channel between components sending server log messages and the Log Server, which then stores the server log messages in an SQL database.
If only secure communication is allowed, then older VMS system components will not be able to send any server logs to the Log Server. This means that these components are not able to, for example, record any user activity in the audit log.
For this reason, the compatibility setting can be set to “Yes” when the VMS installation contains a mix of older and newer versions. This would typically be the case during the upgrade of a larger system.
When all system components have been upgraded to 2018 R3 or later, the compatibility setting can be set to “No”.
Accessing existing server logs when upgrading your XProtect VMS from 2018 R2 (or older) to 2018 R3 (or later)
The 2018 R3 release of XProtect VMS introduces a new log server, where logs are stored differently than before. Upgrading the VMS to 2018 R3 does not delete or change existing server logs in any way. Logs remain intact in the old database, but the upgraded Management Client 2018 R3 is not able to access them.
If you want your current server logs to be accessible after upgrading your system, you have two options:
A. Export existing server logs before completing the system upgrade
-
Cancel the installation.
-
In the Management Client, export the logs that you want to archive. The logs will be written to a tab-separated text file.
-
Restart the installation and complete the system upgrade.
B. Install XProtect Essential+ as a viewing tool after completing the system upgrade
There may be cases where the export solution above is not feasible, for example, if the server logs database is very large, or if a chain of custody requirements prevents you from transferring server logs to a text file. You should perform the following steps after completing the upgrade to 2018 R3 (or later) on your VMS system.
-
Download and install the free XProtect Essential+ 2018 R2 on a machine which has no other XProtect components installed. All steps below must be performed on this installation of XProtect Essential+. [ Note (09-Jan-2019): As of now, installing and activating Essential+ 2018 R2 is no longer possible. Please refer to the following article for more information.]
-
Start the Management Client and change the server logs retention to match that of your existing VMS. Go to Tools → Options → Server Logs tab. Note that there are three independent retention settings, one for each type of log. Also remember to set the maximum number of log entries to
999 999 999to ensure that this threshold does not accidentally delete any existing logs.
Important: The default setting is 30 days and 50 000 log entries. If you do not set up server logs retention on this XProtect Essential+ installation as described in steps 1 and 2 above, you will lose all server logs that are older than 30 days.
- Redirect the Log Server database to use your existing server logs. To do this, click the Management Server tray icon and select Update SQL Address.
- Next, select “Log Server":
-
In the dialog that follows, select the SQL server.
-
Start the Management Client and access your existing server logs. In this user interface, you can search and export server logs in the same way as you have done in the past.
-
After your retention time passes, the existing server logs database is no longer needed, and you may uninstall this XProtect Essential+ product.
Update (31-01-2019)
When setting up another XProtect 2018 R2 server and pointing it to a 2018 R2 log database, you will be able to see the old logs without the need to also have access to the Surveillance database. But please note that if you are using older versions of XProtect, in order to have access to the logs, you may need to also provide access to the Surveillance database.
As a general rule, we recommend an upgrade to 2018 R2 to ensure logs on pre-2018 R3 systems could be accessed.