Upgrading the Wazuh manager

This section describes how to upgrade the Wazuh manager to the latest available version. When upgrading a Wazuh multi-node cluster, it is recommended to update the master node first to reduce server downtime.

Note

Root user privileges are required to execute all the commands described below.

To upgrade the Wazuh manager, choose your package manager and follow the instructions.

Import the GPG key:

# rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH

Add the repository:

# cat > /etc/yum.repos.d/wazuh.repo << EOF
[wazuh]
gpgcheck=1
gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH
enabled=1
name=EL-\$releasever - Wazuh
baseurl=https://packages.wazuh.com/4.x/yum/
protect=1
EOF

Clean the YUM cache:

# yum clean all

(For upgrades from version 3.13.3) Remove the Wazuh API:

# yum remove wazuh-api

Upgrade the Wazuh manager to the latest version:

# yum upgrade wazuh-manager

Install the GPG key:

# curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | apt-key add -

Add the repository:

# echo "deb https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list

Update the package information:
# apt-get update

(For upgrades from version 3.13.3) Remove the Wazuh API:

# apt-get remove --purge wazuh-api

Upgrade the Wazuh manager to the latest version:

# apt-get install wazuh-manager

Import the GPG key:

# rpm --import https://packages.wazuh.com/key/GPG-KEY-WAZUH

Add the repository:

# cat > /etc/zypp/repos.d/wazuh.repo <<\EOF
[wazuh]
gpgcheck=1
gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH
enabled=1
name=EL-$releasever - Wazuh
baseurl=https://packages.wazuh.com/4.x/yum/
protect=1
EOF

(For upgrades from version 3.13.3) Remove the Wazuh API:

# zypper remove wazuh-api

Upgrade the Wazuh manager to the latest version:

# zypper update wazuh-manager

Note

The configuration file of the Wazuh manager will not be replaced in the updates if it has been modified, so the settings of the new capabilities will have to be added manually. More information can be found at the User manual.

If Wazuh runs in a multi-node cluster, it is necessary to update all Wazuh managers to the same version. Otherwise, Wazuh nodes will not join the cluster.

Recommended action - Disable Wazuh updates

We recommend disabling the Wazuh repository to prevent accidental upgrades. To do so, use the following command:
# sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo
This step is not necessary if the user set the packages to a hold state instead of disabling the repository.
# sed -i "s/^deb/#deb/" /etc/apt/sources.list.d/wazuh.list # apt-get update
Alternatively, the user can set the package state to hold, which will stop updates. It will be still possible to upgrade it manually using apt-get install:
# echo "wazuh-manager hold" | sudo dpkg --set-selections
# sed -i "s/^enabled=1/enabled=0/" /etc/zypp/repos.d/wazuh.repo

Next steps

The Wazuh manager is now successfully upgraded and you can proceed with upgrading the Elastic Stack. To perform this action, see the Upgrading Elasticsearch, Kibana and Filebeat section.