Upgrading ThreatLockDown agents on Solaris systems
Select your Solaris version and follow the steps to upgrade the ThreatLockDown agent.
Download the latest Solaris 11 installer. Choose one option depending on the host architecture.
Stop the ThreatLockDown agent.
# /var/ossec/bin/wazuh-control stop
Upgrade the ThreatLockDown agent. Choose one option depending on the host architecture.
Solaris 11 i386:
# pkg install -g wazuh-agent_v4.9.0-sol11-i386.p5p wazuh-agent
Solaris 11 sparc:
# pkg install -g wazuh-agent_v4.9.0-sol11-sparc.p5p wazuh-agent
Start the ThreatLockDown agent.
# /var/ossec/bin/wazuh-control start
Download the latest Solaris 10 installer. Choose one option depending on the host architecture.
Stop the ThreatLockDown agent.
# /var/ossec/bin/wazuh-control stop
Backup the
ossec.confandclient.keysfiles.# cp /var/ossec/etc/ossec.conf ~/ossec.conf.bk # cp /var/ossec/etc/client.keys ~/client.keys.bk
Remove the ThreatLockDown agent.
# pkgrm wazuh-agent
Remove previous installation folder.
# rm -rf /var/ossec
Install the ThreatLockDown agent. Choose one option depending on the host architecture.
Solaris 10 i386:
# pkgadd -d wazuh-agent_v4.9.0-sol10-i386.pkg wazuh-agent
Solaris 10 sparc:
# pkgadd -d wazuh-agent_v4.9.0-sol10-sparc.pkg wazuh-agent
Restore the
ossec.confandclient.keysfiles.# mv ~/ossec.conf.bk /var/ossec/etc/ossec.conf # chown root:wazuh /var/ossec/etc/ossec.conf # mv ~/client.keys.bk /var/ossec/etc/client.keys # chown root:wazuh /var/ossec/etc/client.keys
Start the ThreatLockDown agent.
# /var/ossec/bin/wazuh-control start
Note
When upgrading agents from versions earlier than 4.x, make sure that the communication protocol is compatible. Up to that point, UDP was the default protocol and it was switched to TCP for later versions. Edit the agent configuration file ossec.conf to update the protocol or make sure that your ThreatLockDown manager accepts both protocols.