Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Upgrading Security Director Log Collector

 
Note

You must use 20.1R1 Log Collector builds for Security Director Release 21.1R1. There are no Log Collector builds for 21.1R1 release. When you upgrade Security Director release to 21.1R1, you must use Log Collector 20.1R1.

You can upgrade the Log Collector VM or the JA2500 appliance and integrated Log Collector to a later release.

Before You Begin

  • You must delete all the Log Collector nodes from Security Director > Administration > Logging Management > Logging Nodes.

  • Upgrade to a supported version of Junos Space Network Management Platform Release and then upgrade the Security Director application.

See the following topics for information about upgrading Log Collector:

Upgrading Log Collector VM or JA2500 Appliance

Note

Create a back up of Log Collector.

Table 1: Log Collector Upgrade Path

Upgrading to Release

Upgrade Path

Log Collector 20.1R1

  • Log Collector 19.3R1 > Log Collector 20.1R1

  • Log Collector 19.4R1 > Log Collector 20.1R1

You can now perform direct upgrade to 20.1R1 from earlier versions of Junos Space Security Director Release 19.1R1 and 19.2R1.

  • 19.1R1 > 20.1R1

  • 19.2R1 > 20.1R1

Note: You can perform direct upgrade only for Junos Space Security Director. However, you must follow all the supported upgrade paths for Junos Space Network Management Platform and Log Collector to upgrade to 20.1R1.

Log Collector 19.4R1

  • Log Collector 19.2R1 > Log Collector 19.4R1

  • Log Collector 19.3R1 > Log Collector 19.4R1

Log Collector 19.3R1

  • Log Collector 19.2R1 > Log Collector 19.3R1

  • Log Collector 19.1R2 > Log Collector 19.3R1

  • Log Collector 19.1R1 > Log Collector 19.3R1

Log Collector 19.2R1

  • Log Collector 19.1R2 > Log Collector 19.2R1

  • Log Collector 19.1R1 > Log Collector 19.2R1

  • Log Collector 18.4R1 > Log Collector 19.2R1

Log Collector 19.1R2

  • Log Collector 19.1R1 > Log Collector 19.1R2

  • Log Collector 18.4R1 > Log Collector 19.1R2

  • Log Collector 18.3R1 > Log Collector 19.1R2

Log Collector 19.1R1

  • Log Collector 18.4R1 > Log Collector 19.1R1

  • Log Collector 18.3R1 > Log Collector 19.1R1

You can now perform direct upgrade to 19.1R1 from earlier versions of Log Collector Release 18.2R1, 18.1R1, and 17.2R2.

  • 18.2R1 > 19.1R1

  • 18.1R1 > 19.1R1

  • 17.2R2 > 19.1R1

Note: You can perform direct upgrade only for Junos Space Security Director and Log Collector. However, you must follow all the supported upgrade paths for Junos Space Network Management Platform to upgrade to 19.1R1.

To upgrade Log Collector VM or JA2500 Appliance:

  1. Download the Log Collector upgrade script from the download site.
  2. Use the ssh command to log in to the Log Collector node.
  3. Copy the upgrade script to the /root directory of all the nodes that you want to upgrade.
  4. Change the file permission using the following command:

    chmod +x Log-Collector-Upgrade-xx.xxx.xxx.sh

    For example, chmod +x Log-Collector-Upgrade-20.1R1.xxx.sh

  5. Run the upgrade script using the ./Log-Collector-Upgrade-xx.xxx.xxx.sh command.

    For example, ./Log-Collector-Upgrade-20.1R1.XXX.sh

    The status of the upgrade is shown on the console.

  6. Add the logging nodes back to Security Director from Security Director > Administration > Logging Management > Logging Nodes.

    See Adding Log Collector to Security Director.

Upgrading Log Collector VM or JA2500 Appliance

Note

To upgrade Log Collector All-In-One node:

  1. Download the Log Collector upgrade script Log-Collector-Upgrade-20.1R1.X.sh from the download site.
  2. Copy the Log Collector upgrade script to the Log Collector All-In-One node.
  3. Connect to the CLI Log Collector All-In-One node.
  4. Navigate to the location where you have copied Log Collector upgrade script.
  5. Run Log Collector upgrade script.

    sh Log-Collector-Upgrade-20.1R1.X.sh

  6. Select from the below options and continue.

    1) Upgrade WITHOUT Recovering current log data

    [This will PERMANENTLY DELETE THE CURRENT LOG DATA]

    2) Upgrade and Recover the current log data

    3) Exit

    Is this running on SSD? [Y/N]

    Wait for the upgrade to complete.

To upgrade distributed Log Collector:

Before You Begin

  • For upgrade process, you should be able to ping both Log Receiver and Log Storage nodes.

  • Download the Log Collector upgrade script Log-Collector-Upgrade-20.1R1.X.sh from the download site.

  • Copy the Log Collector upgrade script to Log Receiver and Log Storage nodes of the distributed deployment.

To upgrade on Log Receiver node:

  1. Connect to the Log-Receiver Node CLI.
  2. Navigate to the location where you have Log Collector upgrade script.
  3. Run Log Collector upgrade script:

    sh Log-Collector-Upgrade-20.1R1.X.sh

  4. Select from the below options and continue.

    Please choose how you want to upgrade Log Collector:

    1) Upgrade WITHOUT Recovering current log data.

    [This will PERMANENTLY DELETE THE CURRENT LOG DATA]

    2) Upgrade and Recover the current log data

    3) Exit

To upgrade on Log Storage node:

  1. Run Log Collector upgrade script:

    sh Log-Collector-Upgrade-20.1R1.X.sh

  2. Enter the Log Receiver Node IP.
  3. Select from the below options and continue

    Please choose how you want to upgrade Log Collector:

    1) Upgrade WITHOUT Recovering current log data.

    [This will PERMANENTLY DELETE THE CURRENT LOG DATA]

    2) Upgrade and Recover the current log data

    3) Exit

Upgrading Log Collector CentOS Version from 6.5 to 6.8

To upgrade CentOS version:

  1. Download CentOS upgrade script and ISO image from download site to/tmp directory in Log Collector virtual machine.
  2. Run the following command

    Chmod +x CentOS-Upgrade-20.1R1.31.sh

  3. Run the script by providing the ISO image as argument.

    ./CentOS-Upgrade-20.1R1.31.sh log-collector-iso-20.1R1.13.iso

  4. Run “upgrade” or “recovery and then upgrade”. The recovery and then upgrade should be performed only when the last upgrade has failed or was interrupted due to power failure.
  5. Reboot Log Collector, after the upgrade is successful.Note
    • The upgrade is supported from CentOS version 6.5 to 6.8 only.

    • For running the upgrade script, use console or telnet (for appliances) and do not use ssh session or any other remote access mechanisms.

  6. Verify if the upgrade is successful by running the commands in the console.

    The commands and the expected results are given below:

    # uname -a

    Linux LOG-COLLECTOR 2.6.32-754.18.2.el6.x86_64#1 SMP Wed Aug 14 16:26:59 UTC 2019 x86_64 x86_64 x86_64/Linux

    # cat/etc/redhat-release

    CentOS release 6.8 (Final)

Upgrading Integrated Log Collector

To upgrade an integrated Log Collector to a latest release:

  1. Download the integrated Log Collector script from the download site.
  2. Copy the integrated Log Collector script to a JA2500 appliance or virtual appliance.
  3. Connect to the CLI of a JA2500 appliance or virtual appliance with admin privileges.
  4. Navigate to the location where you have copied the integrated Log Collector script.
  5. Change the file permission using the following command:

    chmod +x Integrated-Log-Collector-xx.xxx.xxx.sh

    For example, chmod +x Integrated-Log-Collector-20.1R1.xxx.sh

  6. Run the integrated Log Collector script using the following command:

    ./Integrated-Log-Collector-xx.xxx.xxx.sh

    For example, ./Integrated-Log-Collector-20.1R1.xxx.sh

Note
  • The integrated Log Collector does not support high availability (HA) even if it is installed in a Junos Space HA cluster. The integrated Log Collector must be installed only on one of the Junos Space cluster nodes.

  • 500 eps is supported for the integrated Log Collector.

Upgrading Integrated Log Collector

  1. Copy Integrated-Log-Collector-20.1R1.x.sh to the space node.
  2. Run the script: sh Integrated-Log-Collector-20.1R1.x.sh
  3. Select from following options and continue:

    Please choose how you want to upgrade Log Collector:

    1) Upgrade WITHOUT Recovering current log data.

    [This will PERMANENTLY DELETE THE CURRENT LOG DATA]

    2) Upgrade and Recover the current log data.

    3) Exit

Note

After upgrading Log Collector, database password will reset to default credentials, that is, admin/juniper123. You must re-configure the database password after Log Collector upgrade before adding the Log Collector node to Security Director.

After upgrading the log collector, add the log collector node. See Adding Log Collector to Security Director.

For Security Director log collector, provide the default credentials admin/juniper123. You must change the default password.

For JSA, provide the admin credentials that is used to log in to the JSA console.