User Guide

Single Node Upgrade from 4.35 to 4.36

This guide will lead you through the steps specific for upgrading a NetEye Single Node installation from version 4.35 to 4.36.

Upgrading a NetEye Single Node takes a nontrivial amount of time. Granted the environment connectivity is seamless, the upgrade procedure may take up to 30 minutes.

Warning

Remember that you must upgrade sequentially without skipping versions, therefore an upgrade to 4.36 is possible only from 4.35; for example, if you have version 4.27, you must first upgrade to the 4.28, then 4.29, and so on.

Breaking Changes

Deprecation of the neteye_secure_install

Starting from NetEye 4.36, the neteye_secure_install script is deprecated, but will still be available for internal procedures only. The new installation command will be neteye install. To learn more about it, please refer to the neteye install section.

Alyvix Module General Module Access

Until NetEye 4.35, the permission General Module Access for the Alyvix module was providing the same permissions as the Full Module Access. However, with the introduction of Multi-Tenancy the Alyvix permissions are being revisited.

As a result, starting from version 4.36, upon enabling Multi-Tenancy for Alyvix (refer to Additional Tasks), General Module Access will no longer grant full access to the module. Instead, similar to other modules, it will provide visibility of the module itself without specific permissions.

For more details on the new permissions configuration for the Alyvix module, please refer to the User Roles configuration.

Prerequisites

Before starting the upgrade, you should read very carefully the latest release notes on NetEye’s blog and check out the features that will be changed or deprecated after the upgrade.

  1. All NetEye packages installed on a currently running version must be updated according to the update procedure prior to running the upgrade.

  2. NetEye must be up and running in a healthy state.

  3. Disk Space required:

    • 3GB for / and /var

    • 150MB for /boot

  4. If the SIEM module is installed:

    • The rubygems.org domain should be reachable by the NetEye Master only during the update/upgrade procedure. This domain is needed to update additional Logstash plugins and thus is required only if you manually installed any Logstash plugin that is not present by default.

1. Run the Upgrade

To perform the upgrade, run from the command line the following command:

neteye# (nohup neteye upgrade &) && tail --retry -f nohup.out

After the command was executed, the output will inform if the upgrade was successful or not:

  • In case of successful upgrade you might need to restart NetEye to properly apply the upgrades. If the reboot is not needed, please skip the next step.

  • In case the command fails refer to the troubleshooting section.

2. Reboot

Restart NetEye to apply the upgrades correctly.

neteye# neteye node reboot

3. Additional Tasks

Alyvix Nodes Multitenancy Migration

This section applies only to NetEye installations that are using the Alyvix Feature Module and should be followed for both single tenant and multi tenant environments.

After the upgrade to NetEye 4.36 has been completed, granted the connected Alyvix nodes are updated to version >= 2.5.0, it will be possible to enable the Multitenancy features by following the guide in the Multitenancy Migration section.