31.1 Upgrading to Sentinel 8.2

Sentinel 8.2 is certified on both SLES 11 SP4 and SLES 12 SP3. Therefore, to upgrade to Sentinel 8.2, you can do one of the following:

  • Upgrade Sentinel without upgrading the SLES operating system.

  • Upgrade Sentinel and then upgrade the operating system to SLES 12 SP3.

    IMPORTANT:

    • The Sentinel 8.2 appliance includes SLES 12 SP3 because the SLES 11 updates channel is now deprecated and will be removed when SUSE ends general support for SLES 11. Therefore, you should upgrade to SLES 12 SP3 operating system to continue receiving Sentinel and operating system updates.

    • You can upgrade to later versions of Sentinel only if you upgrade the operating system to SLES 12 SP3. This is because later versions of Sentinel are available only on the SLES 12 channel.

You can upgrade to Sentinel 8.2 either through the Appliance Update Channel or SMT.

31.1.1 Upgrading Sentinel through the Appliance Update Channel

You can upgrade Sentinel by using Zypper. Zypper is a command line package manager that allows you to perform an interactive upgrade of appliance. In instances where user interaction is required to complete the upgrade, such as an end user license agreement update, you must upgrade the Sentinel appliance using Zypper.

To upgrade the appliance through the Appliance update channel:

  1. Back up your configuration, then create an ESM export.

    For more information, see Backing Up and Restoring Data in the Sentinel Administration Guide.

  2. (Conditional) If you have customized the configuration settings in the server.xml, collector_mgr.xml, or correlation_engine.xml files, ensure that you have created appropriate properties files named with the obj-component id to ensure that the customizations are retained after the upgrade. For more information, see Maintaining Custom Settings in XML Files in the Sentinel Administration Guide.

  3. Log in to the appliance console as the root user.

  4. Run the following command:

    /usr/bin/zypper patch

  5. (Conditional) If the installer displays a message that you must resolve dependency for the OpenSSH package, enter the appropriate option to downgrade the OpenSSH package.

  6. (Conditional) If the installer displays a message that indicates change in the ncgOverlay architecture, enter the appropriate option to accept the architecture change.

  7. (Conditional) If the installer displays a message that you must resolve dependency for some appliance packages, enter the appropriate option to deinstall the dependent packages.

  8. Enter Y to proceed.

  9. Enter yes to accept the license agreement.

  10. Open the/etc/sysctl.conf file and search for # Added by sentinel vm.max_map_count. Move this setting to the next line as follows:

    Change

    net.core.wmem_max = 67108864# Added by sentinel vm.max_map_count : 65530
vm.max_map_count = 262144

    to

    net.core.wmem_max = 67108864
# Added by sentinel vm.max_map_count : 65530
vm.max_map_count = 262144

  11. Restart the Sentinel appliance.

  12. (Conditional) If Sentinel is installed on a custom port or if the Collector Manager or the Correlation Engine is in FIPS mode, run the following command:

    /opt/novell/sentinel/setup/configure.sh

  13. Clear your web browser cache to view the latest Sentinel version.

  14. (Conditional) If the PostgreSQL database has been upgraded to a major version (for example, 8.0 to 9.0 or 9.0 to 9.1), clear the old PostgreSQL files from the PostgreSQL database. For information about whether the PostgreSQL database was upgraded, see the Sentinel Release Notes.

    1. Switch to novell user.

      su novell

    2. Browse to the bin folder:

      cd /opt/novell/sentinel/3rdparty/postgresql/bin

    3. Delete all the old postgreSQL files by using the following command:

      ./delete_old_cluster.sh

  15. (Conditional) To upgrade the Collector Manager or the Correlation Engine, follow Step 3 through Step 12.

  16. (Conditional) If you are running Sentinel in an HA environment, repeat these steps on all nodes in the cluster.

  17. (Conditional) To upgrade the operating system, see Upgrading the Operating System to SLES 12 SP3.

  18. Restart Sentinel.

31.1.2 Upgrading Sentinel by Using SMT

In secured environments where the appliance must run without direct internet access, you can configure the appliance with Subscription Management Tool (SMT) that allows you upgrade the appliance to the latest available versions.

  1. Ensure that the appliance is configured with SMT.

    For more information, see Configuring the Appliance with SMT.

  2. Back up your configuration, then create an ESM export.

    For more information, see Backing Up and Restoring Data in the Sentinel Administration Guide.

  3. (Conditional) If you have customized the configuration settings in the server.xml, collector_mgr.xml, or correlation_engine.xml files, ensure that you have created appropriate properties files named with the obj-component id to ensure that the customizations are retained after the upgrade. For more information, see Maintaining Custom Settings in XML Files in the Sentinel Administration Guide.

  4. Log in to the appliance console as the root user.

  5. Refresh the repository for upgrade:

    zypper ref -s

  6. Check whether the appliance is enabled for upgrade:

    zypper lr

  7. (Optional) Check the available updates for the appliance:

    zypper lu

  8. (Optional) Check the packages that include the available updates for the appliance:

    zypper lp -r SMT-http_<smt_server_fqdn>:<package_name>

  9. Update the appliance:

    zypper up -t patch -r SMT-http_<smt_server_fqdn>:<package_name>

  10. Open the/etc/sysctl.conf file and search for # Added by sentinel vm.max_map_count. Move this setting to the next line as follows:

    Change

    net.core.wmem_max = 67108864# Added by sentinel vm.max_map_count : 65530
vm.max_map_count = 262144

    to

    net.core.wmem_max = 67108864
# Added by sentinel vm.max_map_count : 65530
vm.max_map_count = 262144

  11. Restart the appliance.

    rcsentinel restart

  12. (Conditional) If Sentinel is installed on a custom port or if the Collector Manager or the Correlation Engine is in FIPS mode, run the following command:

    /opt/novell/sentinel/setup/configure.sh

  13. (Conditional) To upgrade the Collector Manager or the Correlation Engine, follow Step 4 through Step 12.

  14. (Conditional) If you are running Sentinel in an HA environment, repeat these steps on all nodes in the cluster.

  15. (Conditional) To upgrade the operating system, see Upgrading the Operating System to SLES 12 SP3.

  16. Restart Sentinel.