30.2 Upgrading Sentinel as a Non-root User

If your organizational policy does not allow you to run the full upgrade of Sentinel as root, you can upgrade Sentinel as another user. In this upgrade, a few steps are performed as a root user, then you proceed to upgrade Sentinel as another user created by the root user.

  1. Back up your configuration, then create an ESM export.

    For more information on backing up data, see Backing Up and Restoring Data in the Sentinel Administration Guide.

  2. (Conditional) If you have customized the configuration settings in the server.xml, collector_mgr.xml, or correlation_engine.xml files, ensure that you have created appropriate properties files named with the obj-component id to ensure that the customizations are retained after the upgrade. For more information, see Backing Up and Restoring Data in the Sentinel Administration Guide.

  3. Download the installation files from the Downloads Website.

  4. Specify the following command at the command line to extract the install files from the tar file:

    tar -zxvf <install_filename>

    Replace <install_filename> with the actual name of the install file.

  5. Log in as root to the server where you want to upgrade Sentinel.

    • Go to the untarred location of the installer, for example:

      cd /opt/sentinel_server-8.4.0.0*

  6. Extract the squashfs RPM from the Sentinel install files.

  7. Install the squashfs on the Sentinel server.

    rpm -Uvh <install_filename>

  8. Switch to the novell user:

    su novell

  9. (Conditional) To do an interactive upgrade:

    1. Go to the Sentinel installation directory and run the following command:

      ./bin/root_install_prepare

      Specify the following command:

      ./install-sentinel

      To upgrade Sentinel in a non-default location, specify the --location option along with the command. For example:

      ./install-sentinel --location=/foo

    2. Continue with Step 11.

  10. (Conditional) To do a silent upgrade, specify the following command:

    ./install-sentinel -u <response_file>

    The installation proceeds with the values stored in the response file. The Sentinel upgrade is complete.

  11. Specify the number for the language you want to use for the upgrade.

    The end user license agreement is displayed in the selected language.

  12. Read the end user license and enter yes or y to accept the license and continue with the upgrade.

  13. IMPORTANT: If you are upgrading from a version of Sentinel earlier than 8.3.0.0, the following steps apply.

    1. (Conditional) Select the migration option. It migrates Security Intelligence data and alerts data from MongoDB to PostgreSQL.

      WARNING: Ensure that you select the appropriate option because you cannot repeat this procedure after the upgrade is successful.

      If your data is migrated successfully, the data that was stored in MongoDB is retained as a backup, and then the Sentinel upgrade process will automatically proceed.

      The upgrade might take several minutes to complete.

    2. (Conditional) If the data migration is not successful:

      1. Clean up the migrated data. For more information, see Cleaning Up Data From PostgreSQL When Migration Fails.

      2. Repeat from Step 7 to Step 13 above until you upgrade Sentinel.

  14. (Conditional) If event visualization was enabled before the upgrade, Elasticsearch stops after you upgrade to Sentinel 8.4.0.0 because it is now enabled with the X-Pack security plug-in. To start Elasticsearch, follow the procedure in Settings in Elasticsearch for Secure Cluster Communication.

  15. Clear your web browser cache to view the latest Sentinel version.

  16. (Conditional) If the delete_old_cluster.sh file is present in the bin folder (/opt/novell/sentinel/3rdparty/postgresql/bin), the PostgreSQL database has been upgraded to a new major version (for example, 8.0 to 9.0). In that case, clear the old PostgreSQL files from the PostgreSQL database. The folder path might be different for custom path installations.

    To clear the old PostgreSQL files:

    1. Switch to the novell user.

      su novell

    2. Browse to the bin folder:

      cd /opt/novell/sentinel/3rdparty/postgresql/bin

    3. Delete all the old PostgreSQL files by using the following command:

      ./delete_old_cluster.sh

  17. Log in to Sentinel and verify the migrated data such as alerts, Security Intelligence data, and so on.

  18. The data in MongoDB is now redundant because Sentinel 8.3 and later will store data only in PostgreSQL. To clear up the disk space, delete this data. For more information, see Removing Data from MongoDB.
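
The conditional check in Step 16 can be scripted so the cleanup runs only when delete_old_cluster.sh exists and the caller is the novell user. This is an added example, not part of the Sentinel product or its documentation; the function names, the --run switch, and the world-writable check are assumptions introduced here.

```shell
#!/bin/sh
# Added example, not vendor code. Gate for the conditional PostgreSQL cleanup step.
# Default bin folder and user name are the ones the page gives; pass another
# folder for a custom-path installation.
PG_BIN_DEFAULT=/opt/novell/sentinel/3rdparty/postgresql/bin
CLEANUP_USER_DEFAULT=novell

# Prints one of: skip | refuse-user | refuse-perms | run
#   $1 bin folder, $2 required user, $3 current user (defaults to `id -un`)
pg_cleanup_decision() {
    bin_dir=${1:-$PG_BIN_DEFAULT}
    want_user=${2:-$CLEANUP_USER_DEFAULT}
    cur_user=${3:-$(id -un)}
    script="$bin_dir/delete_old_cluster.sh"

    # No script means no major-version PostgreSQL upgrade happened: nothing to do.
    if [ ! -f "$script" ]; then echo skip; return 0; fi
    # The page runs the cleanup as the novell user, not as root.
    if [ "$cur_user" != "$want_user" ]; then echo refuse-user; return 0; fi
    # Added precaution (not on the page): do not run a world-writable script.
    if [ -n "$(find "$script" -perm -0002 2>/dev/null)" ]; then
        echo refuse-perms; return 0
    fi
    echo run
}

# Runs ./delete_old_cluster.sh from its own folder only when the decision is "run".
run_pg_cleanup() {
    bin_dir=${1:-$PG_BIN_DEFAULT}
    decision=$(pg_cleanup_decision "$bin_dir" "${2:-}")
    case $decision in
        run)  (cd "$bin_dir" && ./delete_old_cluster.sh) ;;
        skip) echo "delete_old_cluster.sh not found in $bin_dir; nothing to clear" ;;
        *)    echo "cleanup not run: $decision" >&2; return 1 ;;
    esac
}

# Execute only when asked, so the functions can also be sourced and tested.
if [ "${1:-}" = "--run" ]; then run_pg_cleanup "${2:-}"; fi
```

Invoke the script with --run, optionally followed by the bin folder of a custom-path installation, after switching to the novell user.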