Upgrading the Wazuh manager
This section describes how to upgrade the Wazuh manager to the latest available version, which includes upgrading to the latest compatible version of Open Distro for Elasticsearch or Elastic Stack basic licence.
Note
In order to reduce server downtime, it is recommended to update the master node first
Note
Root user privileges are required to execute all the commands described below.
To upgrade the Wazuh manager, choose the appropriate tab for the desired package manager:
Import the GPG key:
# rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH
Add the repository:
# cat > /etc/yum.repos.d/wazuh.repo << EOF [wazuh] gpgcheck=1 gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=EL-$releasever - Wazuh baseurl=https://packages.wazuh.com/4.x/yum/ protect=1 EOF
Clean the YUM cache:
# yum clean all
Upgrade the Wazuh manager to the latest version:
# yum upgrade wazuh-manager
Install the GPG key:
# curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -
Add the repository:
# echo "deb https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list
Update the package information:
# apt-get update
Upgrade the Wazuh manager to the latest version:
# apt-get install wazuh-manager
Import the GPG key:
# rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH
Add the repository:
# cat > /etc/zypp/repos.d/wazuh.repo <<\EOF [wazuh] gpgcheck=1 gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=EL-$releasever - Wazuh baseurl=https://packages.wazuh.com/4.x/yum/ protect=1 EOF
Upgrade the Wazuh manager to the latest version:
# zypper update wazuh-manager
Note
The configuration file of the Wazuh manager will not be replaced in the updates if it has been modified, so the settings of the new capabilities will have to be added manually. More information can be found at the User manual.
If Wazuh runs in a multi-node cluster, it is necessary to update all Wazuh managers to the same version. Otherwise, Wazuh nodes will not join the cluster.
Disabling the Wazuh repository
It is recommended to disable the Wazuh repository in order to avoid undesired upgrades and compatibility issues:
# sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo
This step is not necessary if the user set the packages to a hold state instead of disabling the repository.
# sed -i "s/^deb/#deb/" /etc/apt/sources.list.d/wazuh.list
# apt-get update
Alternatively, the user can set the package state to hold, which will stop updates. It will be still possible to upgrade it manually using apt-get install:
# echo "wazuh-manager hold" | sudo dpkg --set-selections
# sed -i "s/^enabled=1/enabled=0/" /etc/zypp/repos.d/wazuh.repo