
SELKS 1.2 to SELKS 2.0 upgrades

Peter Manev edited this page May 3, 2015 · 18 revisions

Please follow this guide to upgrade from SELKS 1.2 to SELKS 2.0.

You can read more about the differences between SELKS 1.2 and SELKS 2.0 here

8 steps:

**1)**

```
root@SELKS:~# sed -i 's/wheezy/jessie/g' /etc/apt/sources.list
```

**2)**

```
root@SELKS:~# sed -i 's/wheezy/jessie/g' /etc/apt/sources.list.d/selks.list
```

**3)**

```
root@SELKS:~# sed -i 's/elasticsearch\/1\.4/elasticsearch\/1\.5/g' /etc/apt/sources.list.d/elasticsearch.list
```

**4)**

```
root@SELKS:~# apt-get update && apt-get dist-upgrade
```

You can answer "yes" to all the questions EXCEPT the ones below:

```
Configuration file '/etc/issue.net'
 ==> Modified (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ? Your options are:
    Y or I : install the package maintainer's version
    N or O : keep your currently-installed version
      D    : show the differences between the versions
      Z    : start a shell to examine the situation
 The default action is to keep your current version.
*** issue.net (Y/I/N/O/D/Z) [default=N] ? N
```

```
Setting up nginx-common (1.6.2-5) ...
Installing new version of config file /etc/default/nginx ...
Installing new version of config file /etc/init.d/nginx ...
Installing new version of config file /etc/logrotate.d/nginx ...

Configuration file '/etc/nginx/fastcgi_params'
 ==> Modified (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ? Your options are:
    Y or I : install the package maintainer's version
    N or O : keep your currently-installed version
      D    : show the differences between the versions
      Z    : start a shell to examine the situation
 The default action is to keep your current version.
*** fastcgi_params (Y/I/N/O/D/Z) [default=N] ? N
```

**5)** In `/etc/default/elasticsearch`:

```
# enable dirs and future upgrades
# Configure restart on package upgrade (true, every other setting will lead to not restarting)
RESTART_ON_UPGRADE=true

# Elasticsearch log directory
LOG_DIR=/var/log/elasticsearch

# Elasticsearch data directory
DATA_DIR=/var/lib/elasticsearch

# Elasticsearch work directory
WORK_DIR=/tmp/elasticsearch

# Elasticsearch configuration directory
CONF_DIR=/etc/elasticsearch

# Elasticsearch configuration file (elasticsearch.yml)
CONF_FILE=/etc/elasticsearch/elasticsearch.yml
```

**6)** Reboot.

**7)** Then make sure the services are enabled:

```
root@SELKS:/home/selks-user# systemctl enable suricata.service
root@SELKS:/home/selks-user# systemctl enable kibana-dashboards-stamus.service
root@SELKS:/home/selks-user# systemctl enable elasticsearch.service
root@SELKS:/home/selks-user# systemctl enable logstash.service
root@SELKS:/home/selks-user# systemctl enable suri_reloader.service
```

**8)**

```
# restart services
root@SELKS:/home/selks-user# systemctl restart suricata.service
root@SELKS:/home/selks-user# systemctl restart elasticsearch.service
root@SELKS:/home/selks-user# systemctl restart logstash.service
root@SELKS:/home/selks-user# systemctl restart suri_reloader.service
```
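Steps 1 to 3 rewrite the live apt sources in place, so it can help to preview the same substitutions on copies first. The script below is an added example, not part of the original wiki page or the SELKS project; the function names, the `example.invalid` sample entries and the check for other `.list` files (which goes beyond what the guide covers) are assumptions made here.

```shell
#!/bin/sh
# Added example, not from the SELKS wiki: dry-run of steps 1-3 on copies.

# preview_sources APT_DIR OUT_DIR
# Applies the guide's sed expressions to copies of the three files in OUT_DIR
# and prints a diff. Returns non-zero if a file is missing or no active "deb"
# line carries the new value (the sed was a no-op, so apt would not switch).
preview_sources() {
    apt_dir=$1; out_dir=$2; rc=0
    mkdir -p "$out_dir/sources.list.d" || return 1
    for f in sources.list sources.list.d/selks.list sources.list.d/elasticsearch.list; do
        [ -f "$apt_dir/$f" ] || { echo "missing: $apt_dir/$f" >&2; rc=1; continue; }
        case $f in
            *elasticsearch.list)
                subst='s/elasticsearch\/1\.4/elasticsearch\/1\.5/g'
                want='elasticsearch/1\.5' ;;
            *)  subst='s/wheezy/jessie/g'; want='jessie' ;;
        esac
        sed "$subst" "$apt_dir/$f" > "$out_dir/$f"
        diff -u "$apt_dir/$f" "$out_dir/$f" || true    # diff exits 1 on change
        if ! grep -Eq "^[[:space:]]*deb.*$want" "$out_dir/$f"; then
            echo "no active '$want' entry in $f" >&2; rc=1
        fi
    done
    return $rc
}

# untouched_wheezy APT_DIR (goes beyond the guide): lists other *.list files
# with an active wheezy entry, which steps 1-3 leave on the old release.
untouched_wheezy() {
    for f in "$1"/sources.list.d/*.list; do
        case $f in */selks.list|*/elasticsearch.list) continue ;; esac
        [ -f "$f" ] || continue
        if grep -Eq '^[[:space:]]*deb.*wheezy' "$f"; then echo "$f"; fi
    done
}

# make_sample DIR: constructed sample files, not taken from a real SELKS box.
make_sample() {
    mkdir -p "$1/sources.list.d"; u=http://example.invalid
    echo "deb $u/debian wheezy main" > "$1/sources.list"
    echo "deb $u/selks wheezy main" > "$1/sources.list.d/selks.list"
    echo "deb $u/elasticsearch/1.4/debian stable main" > "$1/sources.list.d/elasticsearch.list"
    echo "deb $u/extra wheezy main" > "$1/sources.list.d/extra.list"
}

# Run against the live files: sh <this script> /etc/apt /tmp/selks-preview
if [ "$#" -eq 2 ]; then preview_sources "$1" "$2"; untouched_wheezy "$1"; fi
```

The originals under the first directory are only read; the rewritten copies land in the second directory for inspection.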

Not happy with kernel 3.16 and want to upgrade? Simple:

```
root@SELKS:~# apt-get install linux-headers-3.18.11-stamus linux-image-3.18.11-stamus
```
