Skip to content

Latest commit

 

History

History
145 lines (80 loc) · 4.63 KB

linux.rst

File metadata and controls

145 lines (80 loc) · 4.63 KB
Raw

Upgrading Wazuh agents on Linux systems

Select your package manager and follow the instructions to upgrade the Wazuh agent locally. If you want to perform a remote upgrade, check the Remote agent upgrade </user-manual/agents/remote-upgrading/upgrading-agent> section to learn more.

Note

You need root user privileges to run all the commands described below.

Yum

  1. Import the GPG key.

    # rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH

  2. Add the Wazuh repository.

    # cat > /etc/yum.repos.d/wazuh.repo << EOF
[wazuh]
gpgcheck=1
gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH
enabled=1
name=EL-\$releasever - Wazuh
baseurl=https://packages.wazuh.com/4.x/yum/
protect=1
EOF

  3. Clean the YUM cache.

    # yum clean all

  4. Upgrade the Wazuh agent to the latest version.

    # yum upgrade wazuh-agent|WAZUH_AGENT_RPM_PKG_INSTALL|

  5. It is recommended to disable the Wazuh repository in order to avoid undesired upgrades and compatibility issues as the Wazuh agent should always be in the same or an older version than the Wazuh manager.

    # sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo

APT

  1. Install the GPG key.

    # curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import && chmod 644 /usr/share/keyrings/wazuh.gpg

  2. Add the Wazuh repository.

    # echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list

  3. Upgrade the Wazuh agent to the latest version.

    # apt-get update
# apt-get install wazuh-agent|WAZUH_AGENT_DEB_PKG_INSTALL|

  4. It is recommended to disable the Wazuh repository in order to avoid undesired upgrades and compatibility issues as the Wazuh agent should always be in the same or an older version than the Wazuh manager. Skip this step if the package is set to a hold state.

    # sed -i "s/^deb/#deb/" /etc/apt/sources.list.d/wazuh.list
# apt-get update

Note

For Debian 7, 8, and Ubuntu 14 systems import the GCP key and add the Wazuh repository (steps 1 and 2) using the following commands.

# apt-get install gnupg apt-transport-https
# curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -
# echo "deb https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list

ZYpp

  1. Import the GPG key.

    # rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH

  2. Add the Wazuh repository.

    # cat > /etc/zypp/repos.d/wazuh.repo <<\EOF
[wazuh]
gpgcheck=1
gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH
enabled=1
name=EL-$releasever - Wazuh
baseurl=https://packages.wazuh.com/4.x/yum/
protect=1
EOF

  3. Refresh the repository.

    # zypper refresh

  4. Upgrade the Wazuh agent to the latest version.

    # zypper update wazuh-agent|WAZUH_AGENT_ZYPP_PKG_INSTALL|

  5. It is recommended to disable the Wazuh repository in order to avoid undesired upgrades and compatibility issues as the Wazuh agent should always be in the same or an older version than the Wazuh manager.

    # sed -i "s/^enabled=1/enabled=0/" /etc/zypp/repos.d/wazuh.repo

Note

When upgrading agents from versions earlier than 4.x, make sure that the communication protocol is compatible. Up to that point, UDP was the default protocol and it was switched to TCP for later versions. Edit the agent configuration file ossec.conf to update the protocol <server_protocol> or make sure that your Wazuh manager accepts both protocols<manager_protocol>.