SELKS 3.0RC1 to SELKS 3.0 upgrades
Eric Leblond edited this page Aug 11, 2016 · 8 revisions
As a standard procedure please make sure you confirm everything in a test environment before doing it in production.
To upgrade from SELKS 3.0RC1 to SELKS 3.0, follow the sequence below:
Edit /etc/elasticsearch/elasticsearch.yml
Make sure you have commented out the line http.cors.enabled: true (bottom of the config) like so:
    #Enable Kibana logging
    #http.cors.enabled: true
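A pre-flight check for this step, as an added example that is not part of the SELKS wiki or project: it reports any uncommented http.cors.enabled setting in the file before the upgrade is started. The function names and the sample config are constructed for illustration, and only the flat dotted key form shown on this page is checked.

```shell
#!/bin/sh
# Added example, not part of the SELKS wiki: pre-upgrade check that
# http.cors.enabled is commented out in elasticsearch.yml.
# Assumption: only the flat dotted key shown on this page is checked,
# not a nested YAML form (http: / cors: / enabled:).

# Print the line number of every uncommented http.cors.enabled setting.
# Any value other than an explicit "false" is reported, to be conservative.
active_cors_lines() {
    # Remove quote characters so "true" and 'true' are treated like true.
    tr -d "\"'" < "$1" | awk '
        /^[ \t]*#/ { next }                  # whole-line comment
        {
            line = $0
            sub(/[ \t]+#.*$/, "", line)      # trailing comment
            sub(/[ \t\r]+$/, "", line)       # trailing blanks or CR
            if (line ~ /^[ \t]*http\.cors\.enabled[ \t]*:/ &&
                tolower(line) !~ /:[ \t]*false$/)
                print NR
        }'
}

# Return 0 when no active setting is found, 1 when one is found,
# 2 when the file cannot be read.
check_cors_disabled() {
    conf=$1
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }
    hits=$(active_cors_lines "$conf")
    if [ -n "$hits" ]; then
        echo "$conf: http.cors.enabled is active on line(s):" $hits >&2
        return 1
    fi
    echo "$conf: http.cors.enabled is not active"
    return 0
}

# Constructed sample (not from a real host): a config tail where the
# setting has not been commented out yet.
sample_active_conf() {
    printf '%s\n' 'cluster.name: elasticsearch' \
        '#Enable Kibana logging' 'http.cors.enabled: true'
}
```

After sourcing the file, `check_cors_disabled /etc/elasticsearch/elasticsearch.yml` exits non-zero if the line still needs to be commented out.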
First upgrade major components via the Debian distribution process:
    systemctl stop kibana
    /usr/share/elasticsearch/bin/plugin remove delete-by-query
    apt-get update && apt-get -y dist-upgrade
Then finalize the upgrade of the ELK stack and scirius:
    chown -R kibana /opt/kibana/optimize/
    /usr/share/elasticsearch/bin/plugin install delete-by-query
    systemctl restart elasticsearch
    systemctl restart kibana
Now we need to update evebox interaction with systemd:
    rm -f /etc/systemd/system/evebox.service
    systemctl daemon-reload
    systemctl restart evebox
and upgrade the Python dependencies for scirius:
    pip install --upgrade 'django<1.9' django-tables2 GitPython pyinotify flup six django-dbbackup django-bootstrap3 django-revproxy ipy
    /etc/init.d/scirius restart
Finally you can load the new dashboards:
How to load or update dashboards.
or upgrade kernel (optional):