Use the following steps to upgrade the Sentinel server:
Back up your configuration, then create an ESM export.
For more information about backing up data, see Backing Up and Restoring Data in the Sentinel Administration Guide.
(Conditional) If you have customized the configuration settings in the server.xml, collector_mgr.xml, or correlation_engine.xml files, ensure that you have created appropriate properties files named with the obj-component id so that the customizations are retained after the upgrade. For more information, see Maintaining Custom Settings in XML Files in the Sentinel Administration Guide.
Download the latest installer from the Download Website.
Log in as root to the server where you want to upgrade Sentinel.
Specify the following command to extract the install files from the tar file:
tar xfz <install_filename>
Replace <install_filename> with the actual name of the install file.
Go to the untarred location of the installer, for example:
cd /opt/sentinel_server-<version>*
Specify the following command to upgrade Sentinel:
./install-sentinel
To proceed with a language of your choice, select the number next to the language.
The end user license agreement is displayed in the selected language.
Read the end user license, enter yes or y to accept the license, then continue with the installation.
IMPORTANT: The following steps apply if you are upgrading from a version earlier than Sentinel 8.3.0.0.
(Conditional) Select the required migration option. It migrates Security Intelligence data and Alerts data from MongoDB to PostgreSQL.
If you select the Only upgrade without migrating data option, the Sentinel server should be up and running.
WARNING: Ensure that you select the appropriate option because you cannot repeat this procedure after the upgrade is successful.
If your data is migrated successfully, the data that was stored in MongoDB is retained as a backup, and the Sentinel upgrade process proceeds automatically.
The upgrade might take several minutes to complete.
(Conditional) If the data migration is not successful:
Clean up the partially migrated data. For more information, see Cleaning Up Data From PostgreSQL When Migration Fails.
Repeat from Step 7 to Step 10 above until you upgrade Sentinel.
(Conditional) If event visualization was enabled before the upgrade, Elasticsearch stops after you upgrade to Sentinel 8.4.0.0 because it is enabled with the X-Pack security plug-in. To start Elasticsearch, follow the procedure in Settings in Elasticsearch for Secure Cluster Communication.
Clear your web browser cache to view the latest Sentinel version.
(Conditional) If the delete_old_cluster.sh file is located in the bin folder (/opt/novell/sentinel/3rdparty/postgresql/bin), the PostgreSQL database has been upgraded to a major version (for example, 8.0 to 9.0). In that case, clear the old PostgreSQL files from the PostgreSQL database. The folder path might be different for custom path installations.
To clear the old PostgreSQL files:
Switch to the novell user:
su novell
Browse to the bin folder:
cd /opt/novell/sentinel/3rdparty/postgresql/bin
Delete all the old PostgreSQL files by using the following command:
./delete_old_cluster.sh
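The clean-up steps above, written as an added shell example that is not part of the product documentation: it runs delete_old_cluster.sh only when the file is present and the caller is the novell user, and accepts a different bin folder for custom path installations. The function names and return codes are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: the clean-up steps with checks in front of them.
# The folder, the file name and the novell account come from the procedure;
# the function names and return codes are hypothetical.

DEFAULT_PG_BIN=/opt/novell/sentinel/3rdparty/postgresql/bin

# 0 = delete_old_cluster.sh is present (old files are waiting to be cleared)
# 1 = folder exists but the file is absent (nothing to clear)
# 2 = folder not found (for example, a custom installation path)
cleanup_state() {
    local bin_dir="${1:-$DEFAULT_PG_BIN}"
    [ -d "$bin_dir" ] || return 2
    [ -f "$bin_dir/delete_old_cluster.sh" ] || return 1
    return 0
}

# Runs the clean-up only when it is pending and the caller is the expected
# account. Arguments: [bin folder] [account], defaulting to the values above.
run_cleanup() {
    local bin_dir="${1:-$DEFAULT_PG_BIN}"
    local run_as="${2:-novell}"
    local state=0
    cleanup_state "$bin_dir" || state=$?
    case "$state" in
        1) echo "No delete_old_cluster.sh in $bin_dir; nothing to clear."
           return 0 ;;
        2) echo "Folder $bin_dir not found; pass your custom path." >&2
           return 2 ;;
    esac
    if [ "$(id -un)" != "$run_as" ]; then
        echo "Current user is $(id -un); switch to $run_as first." >&2
        return 3
    fi
    # Same two commands as in the procedure: cd to the folder, run the script.
    ( cd "$bin_dir" && ./delete_old_cluster.sh )
}

# Usage after the upgrade, as the novell user:
#   run_cleanup
#   run_cleanup /custom/path/postgresql/bin   # placeholder for a custom path
```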
Log in to Sentinel and verify the migrated data such as alerts, Security Intelligence data, and so on.
The data in MongoDB is now redundant because Sentinel 8.3 and later store data only in PostgreSQL. To free up the disk space, delete this data. For more information, see Removing Data from MongoDB.
To upgrade Collector Manager systems and Correlation Engine systems, see Upgrading the Collector Manager or the Correlation Engine.