Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

ON THIS PAGE

Upgrading Security Director Log Collector

 

You can upgrade the Log Collector VM or the JA2500 appliance and integrated Log Collector to a later release.

Before You Begin

  • You must delete all the Log Collector nodes from Security Director > Administration > Logging Management > Logging Nodes.

  • Upgrade to a supported version of Junos Space Network Management Platform Release and then upgrade the Security Director application.

See the following topics for information about upgrading Log Collector.

Table 1 shows the topology difference for the Log Collector Release 15.2R2, 16.1R1, and later.

Table 1: Topology Difference

Node Type

Release 15.2R2

Release 16.1R1 and later

All-in-One Node

Yes

Yes

Log Receiver Node

Yes

Yes

Log Storage Node

Yes (Log indexer node, Log data node)

Yes

Query node, Client node

Yes (20K eps)

No

Primary node, Cluster Manager node

Yes (20K eps)

No

Integrated

No

Yes

Upgrading Log Collector from 15.2R1 to 15.2R2

Note

The supported upgrade path is Log Collector 15.2R1 > Log Collector 15.2R2.

To upgrade from Log Collector 15.2R1 to Log Collector 15.2R2:

  1. Download the Log Collector upgrade image for VM from the download site.
  2. Copy the rpm file nwscripts-1-2.noarch.12.rpm to each Log Receiver node, Log Indexer, or Log Receiver and Indexer node.
  3. Upgrade each Log Receiver node, Log Indexer node, or Log Receiver and Indexer node using the rpm –Uvh nwscripts-1-2.noarch.12.rpm command.
Note

Upgrading Log Collector from 15.1 to Log Collector 15.2R1 is not supported.

Upgrading Log Collector VM or JA2500 Appliance from 15.2R2 or Later Releases

Note

Create a back up of Log Collector.

Table 2: Log Collector Upgrade Path

Upgrading to Release

Upgrade Path

Log Collector 19.2R1

  • Log Collector 19.1R2 > Log Collector 19.2R1

  • Log Collector 19.1R1 > Log Collector 19.2R1

  • Log Collector 18.4R1 > Log Collector 19.2R1

Log Collector 19.1R2

  • Log Collector 19.1R1 > Log Collector 19.1R2

  • Log Collector 18.4R1 > Log Collector 19.1R2

  • Log Collector 18.3R1 > Log Collector 19.1R2

Log Collector 19.1R1

  • Log Collector 18.4R1 > Log Collector 19.1R1

  • Log Collector 18.3R1 > Log Collector 19.1R1

You can now perform direct upgrade to 19.1R1 from older versions of Log Collector Release 18.2R1, 18.1R1, and 17.2R2.

  • 18.2R1 > 19.1R1

  • 18.1R1 > 19.1R1

  • 17.2R2 > 19.1R1

Note: You can perform direct upgrade only for Junos Space Security Director and Log Collector. However, you must follow all the supported upgrade paths for Junos Space Network Management Platform to upgrade to 19.1R1.

Log Collector 18.4R1

  • Log Collector 18.3R1 > Log Collector 18.4R1

  • Log Collector 18.2R1 > Log Collector 18.4R1

Log Collector 18.3R1

  • Log Collector 18.2R1 > Log Collector 18.3R1

  • Log Collector 18.1R2 > Log Collector 18.3R1

  • Log Collector 18.1R1 > Log Collector 18.3R1

Log Collector 18.2R1

  • Log Collector 18.1R2 > Log Collector 18.2R1

  • Log Collector 18.1R1 > Log Collector 18.2R1

  • Log Collector 17.2R1 > Log Collector 18.2R1

  • Log Collector 17.2R2 > Log Collector 18.2R1

Log Collector 18.1R2

  • Log Collector 18.1R1 > Log Collector 18.1R2

  • Log Collector 17.2R2 > Log Collector 18.1R2

Log Collector 18.1R1

  • Log Collector 17.1R2 > Log Collector 18.1R1

  • Log Collector 17.2R2 > Log Collector 18.1R1

Log Collector 17.2R2

  • Log Collector 17.2R1 > Log Collector 17.2R2

  • Log Collector 17.1R2 > Log Collector 17.2R2

Log Collector 17.2R1

  • Log Collector 17.1R2 > Log Collector 17.2R1

Log Collector 17.1R1

  • Log Collector 15.2R2 > Log Collector 16.1R1/16.2R2 > Log Collector 17.1R1

Log Collector 16.2R1

  • Log Collector 15.2R2 > Log Collector 16.1R1 > Log Collector 16.2R1

  • Log Collector 15.2R2 > Log Collector 16.2R1

Log Collector 16.1R1

  • Log Collector 15.2R2 > Log Collector 16.1R1

To upgrade Log Collector VM or JA2500 Appliance:

  1. If you had changed the log database password for the logging nodes in Log Collector Release 15.2R2, perform the following steps. Otherwise, continue with Step 2.Note

    This step is applicable from Release 15.2R2 to 16.1R1.

    1. Use the ssh command to log in to the node.
    2. Open the elasticsearch.yml file located at /etc/elasticsearch/ in a text editor.
    3. In the elasticsearch.yml file, search for http.basic.password and replace the changed password with 58dd311734e74638f99c93265713b03c391561c6ce626f8a745d1c7ece7675fa
    4. Save the changes.
  2. Download the Log Collector upgrade script from the download site.
  3. Copy the upgrade script to the /root directory of all the nodes that you want to upgrade.
  4. Change the file permission using the following command:

    chmod +x Log-Collector-Upgrade-xx.xxx.xxx.sh

    For example, chmod +x Log-Collector-Upgrade-19.2R1.xxx.sh

  5. Run the upgrade script using the ./Log-Collector-Upgrade-xx.xxx.xxx.sh command.

    For example, ./Log-Collector-Upgrade-19.2R1.XXX.sh

    The status of the upgrade is shown on the console.

    Note

    • From release 16.2R1, the Logstash process no longer runs on the Log Receiver node. Instead, the jingest process will run.

    • You must ensure that the jingest and elasticsearch processes are running.

  6. Add the logging nodes back to Security Director from Security Director > Administration > Logging Management > Logging Nodes.

    See Adding Log Collector to Security Director.

Note

For upgrading from 15.2R2 to 16.1R1:

  • Multiple-node deployment is a combination of Log Receiver and Log Storage nodes. You can add a maximum of one Log Receiver node and three Log Storage nodes.

  • Only one Log Receiver node is supported for all levels of deployment. If you have multiple Log Receivers in the Release 15.2R2 setup, upgrade only one Log Receiver to Release 16.2R1 and delete the other Log Receivers.

  • Log Query node and Primary node are not supported. So you can delete them.

  • You must run the upgrade script on each node to upgrade it to the corresponding release.

Upgrading Log Collector VM or JA2500 Appliance from 18.4R1, 19.1R1, or 19.1R2 to 19.2R1

To upgrade Log Collector All-In-One node:

  1. Download the Log Collector upgrade script Log-Collector-Upgrade-19.2R1.X.sh from the download site.
  2. Copy the Log Collector upgrade script to the Log Collector All-In-One node.
  3. Connect to the CLI Log Collector All-In-One node.
  4. Navigate to the location where you have copied Log Collector upgrade script.
  5. Run Log Collector upgrade script.

    sh Log-Collector-Upgrade-19.2R1.X.sh

  6. Select from the below options and continue.

    1) Upgrade WITHOUT Recovering current log data

    [This will PERMANENTLY DELETE THE CURRENT LOG DATA]

    2) Upgrade and Recover the current log data

    3) Exit

    Is this running on SSD? [Y/N]

    Wait for the upgrade to complete.

To upgrade distributed Log Collector:

Before You Begin

  • For upgrade process, you should be able to ping both Log Receiver and Log Storage nodes.

  • Download the Log Collector upgrade script Log-Collector-Upgrade-19.2R1.X.sh from the download site.

  • Copy the Log Collector upgrade script to Log Receiver and Log Storage nodes of the distributed deployment.

To upgrade on Log Receiver node:

  1. Connect to the Log-Receiver Node CLI.
  2. Navigate to the location where you have Log Collector upgrade script.
  3. Run Log Collector upgrade script:

    sh Log-Collector-Upgrade-19.2R1.X.sh

  4. Select from the below options and continue.

    Please choose how you want to upgrade Log Collector:

    1) Upgrade WITHOUT Recovering current log data.

    [This will PERMANENTLY DELETE THE CURRENT LOG DATA]

    2) Upgrade and Recover the current log data

    3) Exit

To upgrade on Log Storage node:

  1. Run Log Collector upgrade script:

    sh Log-Collector-Upgrade-19.2R1.X.sh

  2. Enter the Log Receiver Node IP.
  3. Select from the below options and continue

    Please choose how you want to upgrade Log Collector:

    1) Upgrade WITHOUT Recovering current log data.

    [This will PERMANENTLY DELETE THE CURRENT LOG DATA]

    2) Upgrade and Recover the current log data

    3) Exit

Upgrading Integrated Log Collector

To upgrade an integrated Log Collector to a latest release:

Note

Integrated Log Collector is supported from 16.1R1 Release onwards.

  1. Download the integrated Log Collector script from the download site.
  2. Copy the integrated Log Collector script to a JA2500 appliance or virtual appliance.
  3. Connect to the CLI of a JA2500 appliance or virtual appliance with admin privileges.
  4. Navigate to the location where you have copied the integrated Log Collector script.
  5. Change the file permission using the following command:

    chmod +x Integrated-Log-Collector-xx.xxx.xxx.sh

    For example, chmod +x Integrated-Log-Collector-19.2R1.xxx.sh

  6. Run the integrated Log Collector script using the following command:

    ./Integrated-Log-Collector-xx.xxx.xxx.sh

    For example, ./Integrated-Log-Collector-19.2R1.xxx.sh

Note

  • The integrated Log Collector does not support high availability (HA) even if it is installed in a Junos Space HA cluster. The integrated Log Collector must be installed only on one of the Junos Space cluster nodes.

  • 500 eps is supported for the integrated Log Collector.

Upgrading Integrated Log Collector from 18.4R1, 19.1R1, 19.1R2 to 19.2R1

  1. Copy Integrated-Log-Collector-19.2R1.x.sh to the space node.
  2. Run the script: sh Integrated-Log-Collector-19.2R1.x.sh
  3. Select from following options and continue:

    Please choose how you want to upgrade Log Collector:

    1) Upgrade WITHOUT Recovering current log data.

    [This will PERMANENTLY DELETE THE CURRENT LOG DATA]

    2) Upgrade and Recover the current log data.

    3) Exit

Note

After upgrading the log collector, add the log collector node. See Adding Log Collector to Security Director.

For Security Director log collector, provide the default credentials admin/juniper123. Change the default password.

For JSA, provide the admin credentials that is used to log in to the JSA console.

Related Documentation