30.0 Upgrading Sentinel Traditional Installation

The procedures in this chapter guide you through upgrading the Sentinel.

You can upgrade Sentinel from any lower versions to 8.3.1 first. From 8.3.1 you can upgrade to a higher version of Sentinel.

Until Sentinel 8.5.0.1, Python2 was supported on SLES 12x and RHEL 7x and Python3 on SLES 15x and RHEL 8x. Since Python2 has reached end of life, Python3 is supported beginning with Sentinel 8.6.1.0. Therefore, before upgrading to Sentinel 8.6.1.0, ensure that Python3-related packages are installed on the RHEL and SLES servers.

To install Python3 packages on SLES and RHEL severs, perform the following steps:

NOTE:Before upgrading to version 8.6.1, ensure that python 3.9 is installed on the box, and for a fresh installation, make sure python 3.9 and openss1-1.1.1 are installed on RHEL 8.x boxes.

  • On SLES, run the following commands:

    zypper in python36

    zypper in openssl-1_1

  • On RHEL 8.x, run the following commands:

    yum install python3.9

    yum install openssl-1.1.1

  • On RHEL 7.9, run the following commands:

    yum install python36

    yum install openssl-1.0.2

Upgrade RHEL 8.x to RHEL 9.x

  1. Make sure that python3.9 is installed (yum install python3.9)

  2. Upgrade existing Sentinel version to Sentinel 8.6.1.0

  3. Upgrade RHEL OS from 8.x to 9.x.

Squashfs Package on Traditional Box

Earlier, the Sentinel server installer included the squashfs package. As the squashfs package is available on all operating systems, it has been removed from the Sentinel installer bundle from the 8.6.1.0 version onwards. Therefore, the following steps must performed before you upgrade to Sentinel 8.6.1.0:

  1. Remove squashfs rpm that was previously installed on the Sentinel server by using the following command:

    rpm -e –nodeps squashfs

  2. Install the squashfs package that is available with the operating system by using the following command:

    On SLES 

    zypper in squashfs

    On RHEL (applicable to traditional boxes) 

    yum in squashfs-tools

  3. Verify that the squashfs package is installed on the server by running the following command:

    rpm -qa | grep squashfs

After installing the squashfs package, you can upgrade Sentinel version to 8.6.1.0.

You can upgrade from any version below 8.3.1 to 8.3.1 first, then from 8.3.1 need to upgrade to 8.6.1.0.

IMPORTANT:If you are upgrading from earlier versions of Sentinel 8.3.0.0, below steps are applicable.

IMPORTANT:When you are upgrading the Sentinel server, make sure to upgrade Collector Manager systems and Correlation Engine systems to the same version of the Sentinel server. Otherwise, you might face some issues in the system due to schema changes or new features changes.

The upgrade process does the following:

  • Migrates Security Intelligence data and alerts data from MongoDB to PostgreSQL.

    Sentinel now stores Security Intelligence data, alerts data, and so on in PostgreSQL instead of MongoDB. The upgrade process will first migrate this data to PostgreSQL and if successful, will automatically proceed with the upgrade. If the data migration is unsuccessful, you cannot upgrade Sentinel.

  • Generates a cleanup script that you can use to remove data and MongoDB related RPMs.

  • The data stored in MongoDB is retained as a backup.

NOTE:RHEL 7.9 customers, can upgrade to Sentinel 8.6.1 and upgrade the operating system to RHEL 8.x with Sentinel 8.6.1 in place. However, upgrading to RHEL 9.x from RHEL 7.9 with sentinel 8.6.1 installed is not supported; to upgrade to RHEL 9.x, follow the path of first upgrading the OS to an RHEL 8.x supported platform and then upgrading Sentinel to 8.6.1.

NOTE:RHEL 8.x customers upgrading to RHEL 9.x should first upgrade the Sentinel server to version 8.6.1. The upgrade to RHEL 9.x is only supported after successfully upgrading to Sentinel 8.6.1.

Table 30-1 Upgrade Path

Sentinel Base Version

OS Base Version

Sentinel Upgrade

OS Upgrade

Note

8.3.1.0

SLES 12.5

8.6.1

  • Upgrading to Sentinel 8.6.1 will work without any issues.

SLES 15.x

8.6.1

  • Any supported Path

  • Start with an OS upgrade to Sentinel 8.6.1 supported platform, and then proceed with the product upgrade

.

RHEL6.x

8.6.1

  • 7.9

  • 8.x

  • 9.x

  • Start with an OS upgrade to a Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with an OS upgrade to Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with an OS upgrade to RHEL 8.x, followed by the product upgrade to 8.6.1, and then proceed to upgrade the OS to 9.x.

RHEL7.x

8.6.1

  • 7.9

  • 8.x

  • 9.x

  • Start with an OS upgrade to a Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with an OS upgrade to Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with an OS upgrade to RHEL 8.x, followed by the product upgrade to 8.6.1, and then proceed to upgrade the OS to 9.x.

RHEL8.x

8.6.1

  • 8.x

  • 9.x

  • Start with an OS upgrade to Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with a Product upgrade to 8.6.1, followed by the OS upgrade to 9.x.

8.4.x.x

SLES 12.5

8.6.1

  • Upgrading to Sentinel 8.6.1 will work without any issues.

SLES 15.x

8.6.1

  • Any supported path

  • Start with an OS upgrade to Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

RHEL7.x

8.6.1

  • 7.9

  • 8.x

  • 9.x

  • Start with an OS upgrade to a Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with an OS upgrade to Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with an OS upgrade to RHEL 8.x, followed by the product upgrade to 8.6.1, and then proceed to upgrade the OS to 9.x.

RHEL8.x

8.6.1

  • 8.x

  • 9.x

  • Start with an OS upgrade to Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with a Product upgrade to 8.6.1, followed by the OS upgrade to 9.x.

8.5.x.x

SLES 12.5

8.6.1

  • Upgrading to Sentinel 8.6.1 will work without any issues.

SLES 15.x

8.6.1

  • Any supported path

  • Start with an OS upgrade to Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

RHEL7.9

8.6.1

  • 7.9

  • 8.x

  • 9.x

  • Start with an OS upgrade to a Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with an OS upgrade to Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with a Product upgrade to 8.6.1, followed by the OS upgrade to 9.x.

RHEL8.x

8.6.1

  • 8.x

  • 9.x

  • Start with an OS upgrade to Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with a Product upgrade to 8.6.1, followed by the OS upgrade to 9.x.

8.6.0.0

SLES 12.5

8.6.1

  • Start with the OS upgrade, followed by the product upgrade. In cases where the OS support intersects with the product upgrade requirements, consider upgrading the product first, followed by the OS.

SLES 15.x

8.6.1

  • Any supported path

  • Start with the OS upgrade, followed by the product upgrade. In cases where the OS support intersects with the product upgrade requirements, consider upgrading the product first, followed by the OS.

RHEL7.9

8.6.1

  • 7.9

  • 8.x

  • 9.x

  • Start with an OS upgrade to a Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with an OS upgrade to Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with an OS upgrade to RHEL 8.x, followed by the product upgrade to 8.6.1, and then proceed to upgrade the OS to 9.x.

RHEL8.x

8.6.1

  • 8.x

  • 9.x

  • Start with an OS upgrade to Sentinel 8.6.1 supported platform, and then proceed with the product upgrade.

  • Start with a Product upgrade to 8.6.1, followed by the OS upgrade to 9.x.

Figure 30-1 RHEL Upgrade Path

Figure 30-2 SLES Upgrade Path