Installation Instructions for Hot Fix M9S002

Linux for x64

Hot fix M9S002 addresses the issue(s) in SAS Fraud Management 6.2 as documented in the Issue(s) Addressed section of the hot fix download page:

https://tshf.sas.com/techsup/download/hotfix/HF2/M9S.html#M9S002

M9S002 is a "container" hot fix that contains the following "member" hot fixes which will update the software components as needed.

N2W002  updates  SAS Fraud Management Common Macros 6.2***
M9V002  updates  SAS Fraud Management Data Services 6.2***
M9W002  updates  SAS Fraud Management Decision Engine 6.2***
M9U002  updates  SAS Fraud Management Mid-Tier 6.2***
N2Y001  updates  SAS Fraud Management Multi Entity History DB Maintenance Macros 6.2
N2X002  updates  SAS Fraud Management Reporting History ETL Server Macros 6.2***
N2Z002  updates  SAS Fraud Management System of Record DB Maintenance Macros 6.2***
N2V002  updates  SAS Fraud Management Transaction Extensions 6.2***
M9X002  updates  SAS Fraud Transactional Analysis Engine 6.2***

*** member hot fixes that have been updated since the previously released hot fix (M9S001)

HOT FIX COMPONENT HISTORY

IMPORTANT NOTES

1. It is strongly recommended that you install hot fixes in a non-production environment and test *before* installing them in production.
2. The POST-INSTALLATION INSTRUCTION sections are *not* optional. These steps must be reviewed and performed where applicable for all hot fix installations. Any questions on these steps should be directed to support before you begin the installation.

PRE-INSTALLATION INSTRUCTIONS

1. Create a Deployment Registry report on each server:
   

   Before applying this hot fix, follow the instructions in SAS KB0036131 to generate a SAS Deployment Registry report on each server in your environment.

   Commands to create the report:
   1. cd <SASHome>/deploymntreg
   2. <JAVA_HOME>/bin/java -jar sas.tools.viewregistry.jar
      

   Two files are created: DeploymentRegistry.txt and DeploymentRegistry.html. Either of these files can be used to verify that the appropriate product releases are installed on your system. You can determine the current hot fix level by comparing the member hot fix numbers in the HOT FIX COMPONENT HISTORY chart above with the hot fix entries in the Deployment Registry report.

2. Backups:  Full backups are required. The backups will be needed to roll-back this hot fix installation should an issue occur.

   Backup the following on each Server:

   1. <SASHOME> directory
   2. <CONFIGDIR> directory
   3. Database(s) that will be updated by this hot fix. Review the POST-INSTALLATION INSTRUCTIONS: DATA TIER section to determine if there are database updates.
   4. (Optional) If you have customized the oracle_libname_opts.csv or the oracle_passthrough_opts.csv file, you should make a local copy for reference. After the hot fix install completes, you can add back your customizations. These files are located in the <SASHOME>/SASFoundation/9.4/misc/fsmcm/data directory.

      Note: When you run the SAS Deployment Manager in a later step to install the hot fix, you must use the -alwaysoverwrite option to force edited files to be replaced with new files in <SASHome>.

   For a detailed list of updated files, see the hot fix manifest.  NOTE: The manifest is cumulative for all hot fixes for this release.

3. Stop SAS Fraud Management Servers and Processes:
   1. Stop the OnDemand Decision Engine (ODE) server(s). Log on as the ODE user and run:
      $ cd <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/engine/Server<n>/bin
      $ ./ose.sh stop
   2. Stop the Transactional Analysis Server (TAS). Log on as the TAS user and run:
      $ cd <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/analysis/bin
      $ ./tas.sh stop
   3. All batch jobs and processes running against the SAS FM databases should be stopped.
   4. All rule estimations should be stopped.
4. Stop SAS Servers:
   Stop the SAS servers using the sas.servers script located in <CONFIGDIR>/Lev1 directory:

   $ ./sas.servers stop
   

SERVER INSTALLATION

1. Important:  Install this hot fix using the same userid who performed the initial software installation.
2. Install the hot fix using the SAS Deployment Manager (SDM):
   

   Hot Fix M9S002 must be installed on each machine where the updated components of the product, listed above, are installed.

   The hot fix will be applied using the SAS Deployment Manager (SDM). By default, the SDM will search in the <SASHOME>/InstallMisc/HotFixes/New directory for hot fixes to be applied, but will also prompt for a location if you have downloaded hot fixes to a different directory. Do NOT extract the contents of M9S002pt.zip into the selected directory. The hot fix installation process will extract the contents as needed.

   After copying M9S002pt.zip, follow the instructions for applying hot fixes in the SAS Deployment Wizard and SAS Deployment Manager 9.4: User's Guide.

   For example:

   1. Set the DISPLAY environment variable, for example

      $ export DISPLAY=<displayname>:0

   2. From the SASDeploymentManager directory execute sasdm.sh

      $ cd <SASHOME>/SASDeploymentManager/9.4
      $ ./sasdm.sh

      Important: The SAS Deployment Manager will present a screen with two options: "Apply SAS hot fix" and "Configure SAS hot fix" On this screen, you must ensure that the "Configure SAS hot fix" option is *not* selected before continuing.

   Notes:

   • If this hot fix has been previously installed, use the -reinstallhotfix option:

     $ ./sasdm.sh -reinstallhotfix

   • If friendly fixes have been previously installed or if manual file updates have been made in <SASHOME>, use the -alwaysoverwrite option to ensure that those files are overwritten by the SDM:

     $ ./sasdm.sh -alwaysoverwrite

   The hot fix installation process generates a log whose name matches this pattern:

   <SASHOME>/InstallMisc/InstallLogs/IT_date-and-time-stamp.log

   An example file name is: IT_2024-01-28-11.00.31.log. Each attempt to apply a hot fix results in the creation of a new log file giving detailed information regarding the installation process.

   For each member hot fix, additional logs are written to the <SASHOME>/InstallMisc/InstallLogs directory. The logs whose names end with "_Install_postexec.log" identify the files that were added, backed up, changed and removed by the installation of that member hot fix.

POST-INSTALLATION INSTRUCTIONS: SERVER TIER

This section describes custom steps that depend on the starting version of your system before this hot fix was installed. Locate your starting version in the first column of the table below and perform only those steps listed in the second column for that version.

Starting Version	Steps
6.2M0 (No Hot Fix)	Steps for upgrade from base 6.2M0 to HF2 Update ODE Server Configuration Files IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions. On each ODE Server: Back up the ose.xml and redis.xml files in the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/Server<n>/bin directory. Copy or merge these files: ose.xml redis.xml From: <SASHOME>/SASFraudManagementDecisionEngine/6.2/Config/etc To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>//engine/Server<n>/etc Update TAS Server Configuration Files IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions. On each TAS Server: If it exists, back up the log4j-testomr.xml file in the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/analysis/etc directory. Copy this file: log4j-testomr.xml From: <SASHOME>/SASFraudTransactionalAnalysisEngine/6.2/Config/etc To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/analysis/etc Update TAS Server Script Files IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions. On each TAS Server: Back up the tas.sh and wipeout.sh file in the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/analysis/bin directory. Copy or merge these files: tas.sh wipeout.sh From: <SASHOME>/SASFraudManagementTransactionalAnalysisEngine/6.2/Config/bin To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/analysis/bin Rebuild TAS indexes If you have existing indexes for TAS, you must remove and rebuild them. The SAS Metadata Server must be running for this step. Log on as the TAS user and change to the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/analysis directory. Then run: bin/wipeout.sh <fully_qualified_hostname> 9200 bin/tas.sh erase rm -rf TASDB Note: The TASDB directory location is configurable. Check the server.data.txt property in the tas.properties file. Update Internationalization Files Internationalization files for some languages have been updated. Copy all files   From: <SASHome>/SASFoundation/9.4/misc/fsmsor/data   To: <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/batch/dbloader/data/sas After this hot fix installation is complete, the internationalization batch job(s) can be run to load the updated data into the database. Please refer to the Internationalization section in the SAS Fraud Management 6.2 System Administrator's Guide for details.
6.2M0 HF1	Steps for upgrade from HF1 to HF2 Update ODE Server Configuration Files IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions. On each ODE Server: Back up the ose.xml and redis.xml files in the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/Server<n>/bin directory. Copy or merge this file: ose.xml redis.xml From: <SASHOME>/SASFraudManagementDecisionEngine/6.2/Config/etc To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>//engine/Server<n>/etc Update TAS Server Script Files IMPORTANT: If you have customized any of the files copied in this step, you must merge your updates into the new versions. On each TAS Server: Back up the wipeout.sh file in the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/analysis/bin directory. Copy or merge this file: wipeout.sh From: <SASHOME>/SASFraudTransactionalAnalysisEngine/6.2/Config/bin To:   <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/analysis/bin Update Internationalization Files Internationalization files for some languages have been updated. Copy all files   From: <SASHome>/SASFoundation/9.4/misc/fsmsor/data   To: <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/batch/dbloader/data/sas After this hot fix installation is complete, the internationalization batch job(s) can be run to load the updated data into the database. Please refer to the Internationalization section in the SAS Fraud Management 6.2 System Administrator's Guide for details.

POST-INSTALLATION INSTRUCTIONS: DATA TIER

1. Execute SAS Fraud Management DBMS Package to Update the Databases
   1. The following table describes the database changes for each hot fix. The DBMS script for each database will examine the current state of the database and apply the required changes for the all previous hot fixes and the current hot fix.

      Vendor	Database	Hot fix	Updates
      PostgreSQL DB2 Oracle	SOR	HF1	Remove FCM_PROPERTY entries: rpt_alerts_score_band_purge_days rpt_alerts_stage_purge_days rpt_cf_txn_alerts_purge_days rpt_false_positive_purge_days rpt_frq_rule_firing_purge_days Add new FCM_PROPERTY: or_bind_number_to_binary_double Change Liquibase version to the default platform version.
      PostgreSQL DB2 Oracle	SOR	HF2	Create SELECT on FMX_CHANGE_LOG_SOR to the Batch Role for SCOUTF Job
      PostgreSQL DB2 Oracle	TDR	HF2	Create SELECT on FMX_CHANGE_LOG_TDR to the Batch Role for SCOUTF Job
      PostgreSQL DB2 Oracle	MEH	HF2	Create SELECT on FMX_CHANGE_LOG_MEH to the Batch Role for SCOUTF Job

   2. As the SAS installation user, log on to the server where the SAS Fraud Management Data Services component is installed.
   3. Change to the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/dbms/bin directory.
   4. (Optional) To preview the SQL for the changes that will be applied to each database, run the following commands:

      $ ./mehddl.sh preview
      $ ./sorddl.sh preview
      $ ./tdrddl.sh preview

   5. Run the database update scripts. Check each log for errors. By default, the logs are in <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/dbms/logs directory.

      $ ./mehddl.sh update
      $ ./sorddl.sh update
      $ ./tdrddl.sh update

      Notes:
      • You can run all three <db>ddl.sh scripts whether there are database changes or not. The DBMS package will determine what updates are needed and skip the rest.
      • If a script fails with a checksum error, clear the checksums for the failed database followed by the update command:

        $ ./mehddl.sh clearCheckSums
        $ ./mehddl.sh update
        
        $ ./sorddl.sh clearCheckSums
        $ ./sorddl.sh update
        
        $ ./tdrddl.sh clearCheckSums
        $ ./tdrddl.sh update

      • You can update the logging level and log file location the database properties files located in the <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/dbms/etc directory.

POST-INSTALLATION INSTRUCTIONS: MID TIER

Rebuild and redeploy the SAS Fraud Management Mid-Tier web application to your web application servers.

See SAS 9.4 Intelligence Platform Middle-Tier Administration Guide for details on rebuilding and redeploying Web Applications.

RESTART SAS SERVERS

Restart the SAS servers using the sas.servers script located in <CONFIGDIR>/Lev1 directory:

$ ./sas.servers stop
$ ./sas.servers start

START SAS Fraud Management

1. Redeploy Rules Files in SAS Fraud Management Web Application:

   Log in to the web application as a user with the privilege to deploy rules on the Console tab. Deploy all the existing rules files.

   Note: After a hot fix install, all users may need to clear their web browser cache before running the web application.

2. Start SAS Fraud Management Servers:
   1. Start the TAS server. Log on as the TAS user and run:
      $ cd <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/analysis/bin
      $ ./tas.sh start

   Confirm there are no errors in the log.

   2. Start the ODE server(s). Log on as the ODE user and run:
      $ cd <CONFIGDIR>/Lev1/Applications/SASFraudManagement/6.2/<Auth-Domain>/engine/Server<n>bin
      $ ./ose.sh start

   Confirm there are no errors in the log.

   3. Start any batch jobs that were stopped before the installation.
3. Create a final Deployment Registry report on each server:
   

   Run a new SAS Deployment Registry report following the same steps as in the PRE-INSTALLATION INSTRUCTIONS. The new report files will overwrite the existing ones. To retain the old files, save them to a new location or rename them before running the commands.

   Please send a copy of the final DeploymentRegistry.txt file to SAS Fraud Management support.

ADDITIONAL INSTRUCTIONS: SAS Business Orchestration Services (BOSS) Servers

If SAS Business Orchestration Services (BOSS) is used to send transactions to the SAS OnDemand Decision Engine, then three JAR files must match between the OnDemand Decision Engine and the BOSS installation.


The three JAR files are:

• sas.finance.fraud.engine.jar
• sas.finance.fraud.transaction.jar
• sas.finserv.creditfraud.common.jar

If these jars have been updated by this hot fix or any hot fix since your starting hot fix level, they must be copied into the 'lib' subdirectory of the BOSS installation directory. For additional details see SAS KB0036356.

Important: Save a backup copy of the jars from the BOSS directory before replacing them.