Upgrading the Wazuh manager
This section describes how to upgrade the Wazuh manager to the latest available version. When upgrading a Wazuh multi-node cluster, it is recommended to update the master node first to reduce server downtime.
Note
Root user privileges are required to execute all the commands described below.
To upgrade the Wazuh manager, choose your package manager and follow the instructions.
Import the GPG key:
# rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH
Add the repository:
# cat > /etc/yum.repos.d/wazuh.repo << EOF [wazuh] gpgcheck=1 gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=EL-\$releasever - Wazuh baseurl=https://packages.wazuh.com/4.x/yum/ protect=1 EOF
Clean the YUM cache:
# yum clean all
(For upgrades from version 3.13.3) Remove the Wazuh API:
# yum remove wazuh-api
Upgrade the Wazuh manager to the latest version:
# yum upgrade wazuh-manager
Install the GPG key:
# curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -
Add the repository:
# echo "deb https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list
Update the package information:
# apt-get update
(For upgrades from version 3.13.3) Remove the Wazuh API:
# apt-get remove --purge wazuh-api
Upgrade the Wazuh manager to the latest version:
# apt-get install wazuh-manager
Import the GPG key:
# rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH
Add the repository:
# cat > /etc/zypp/repos.d/wazuh.repo <<\EOF [wazuh] gpgcheck=1 gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH enabled=1 name=EL-$releasever - Wazuh baseurl=https://packages.wazuh.com/4.x/yum/ protect=1 EOF
(For upgrades from version 3.13.3) Remove the Wazuh API:
# zypper remove wazuh-api
Upgrade the Wazuh manager to the latest version:
# zypper update wazuh-manager
Note
The configuration file of the Wazuh manager will not be replaced in the updates if it has been modified, so the settings of the new capabilities will have to be added manually. More information can be found at the User manual.
If Wazuh runs in a multi-node cluster, it is necessary to update all Wazuh managers to the same version. Otherwise, Wazuh nodes will not join the cluster.
Recommended action - Disable Wazuh updates
We recommend disabling the Wazuh repository to prevent accidental upgrades. To do so, use the following command:
# sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo
This step is not necessary if the user set the packages to a
hold
state instead of disabling the repository.# sed -i "s/^deb/#deb/" /etc/apt/sources.list.d/wazuh.list # apt-get update
Alternatively, the user can set the package state to
hold
, which will stop updates. It will be still possible to upgrade it manually usingapt-get install
:# echo "wazuh-manager hold" | sudo dpkg --set-selections
# sed -i "s/^enabled=1/enabled=0/" /etc/zypp/repos.d/wazuh.repo
Next steps
The Wazuh manager is now successfully upgraded and you can proceed with upgrading the Elastic Stack. To perform this action, see the Upgrading Elasticsearch, Kibana and Filebeat section.