Update preparationsΒΆ
Before attempting to install any type of update package, the following procedures should be observed:
Verify that the version currently installed can be upgraded to the target version (e.g., v18.20 or v19.x -> v19.4.0).
Back up the current install:
Virtual appliances: Take a snapshot, ideally with the appliance powered off.
Hardware appliances: Perform a full or configuration backup. For further details, see the Backups subsection of this documentation or contact Plixer Technical Support.
Hardware appliances only - Log in to iDRAC and perform a hardware health check. Any hardware issues discovered should be escalated to Dell for resolution. A reboot is also recommended as an additional check for underlying hardware issues.
Confirm that all Plixer Scrutinizer Collectors/servers have access to
https://files.plixer.com
. This check can be performed by downloading the checksum file using the following command:curl -o scrutinizer-checksums.txt -L https://files.plixer.com/plixer-repo/scrutinizer/<version_number>/scrutinizer-checksums.txt
For Plixer Scrutinizer deployments that do not have Internet access, follow the steps to perform offline updates.
Collect the following details and check the Plixer Scrutinizer sizing guide to confirm that sufficient resources will be available to the system after the upgrade:
Flows per second
Number of active Exporters
CPU (number of cores, clock speeds)
Amount of RAM
Disk speed and RAID type
Flow Analytics algorithms enabled
Obtain a valid license key for the upgrade if one has not been acquired.
Delete any older versions of
scrutinizer-installer.run
on the Plixer Scrutinizer instance. This will prevent them from being used instead of the correct installer.Enter
crontab -e
and inspect the table for lines containing* * * * * /home/Plixer/scrutinizer/files/collector_restart.sh
. These should be commented out by adding a#
at the beginning of the line to prevent scheduled restarts from interfering with the upgrade process.Distributed cluster upgrades only - If there are Palo Alto firewalls configured for the cluster, whitelist the connections between the Reporter and the Collectors. This will prevent the firewall from identifying the ~113 SSH connections created during the Collector registration process as a threat. Alternatively, the rate at which the SSH connections are established can be slowed down by adding sleep 5 to the /home/plixer/.bashrc file on each remote Collector.
AWS flow log integration only - As of version 19.2, Plixer Scrutinizer requires four log fields to be configured for AWS flog log collection:
log-status
,vpc-id
,interface-id
, andflow-direction
. For further details, see the AWS flow log integration guide.
These steps are meant to identify and resolve any underlying issues with the current Plixer Scrutinizer install and help ensure that upgrade will be applied without issue.
Once completed, follow the appropriate upgrade guide to update Plixer Scrutinizer to the latest version.
Hint
All install logs will be saved to /var/log/Scrutinizer-Install.log
.
Note
As of v19.1+ Plixer Scrutinizer no longer requires the use of the root
OS user, and the plixer
user is the recommended user for command line access.