Update preparationsΒΆ

Before attempting to install any type of update package, the following procedures should be observed:

  1. Verify that the version currently installed can be upgraded to the target version (e.g., v18.20 or v19.x -> v19.4.0).

  2. Back up the current install:

    • Virtual appliances: Take a snapshot, ideally with the appliance powered off.

    • Hardware appliances: Perform a full or configuration backup. For further details, see the Backups subsection of this documentation or contact Plixer Technical Support.

  3. Hardware appliances only - Log in to iDRAC and perform a hardware health check. Any hardware issues discovered should be escalated to Dell for resolution. A reboot is also recommended as an additional check for underlying hardware issues.

  4. Confirm that all Plixer Scrutinizer Collectors/servers have access to https://files.plixer.com. This check can be performed by downloading the checksum file using the following command:

    curl -o scrutinizer-checksums.txt -L https://files.plixer.com/plixer-repo/scrutinizer/<version_number>/scrutinizer-checksums.txt

    For Plixer Scrutinizer deployments that do not have Internet access, follow the steps to perform offline updates.

  5. Collect the following details and check the Plixer Scrutinizer sizing guide to confirm that sufficient resources will be available to the system after the upgrade:

    • Flows per second

    • Number of active Exporters

    • CPU (number of cores, clock speeds)

    • Amount of RAM

    • Disk speed and RAID type

    • Flow Analytics algorithms enabled

  6. Obtain a valid license key for the upgrade if one has not been acquired.

  7. Delete any older versions of scrutinizer-installer.run on the Plixer Scrutinizer instance. This will prevent them from being used instead of the correct installer.

  8. Enter crontab -e and inspect the table for lines containing * * * * * /home/Plixer/scrutinizer/files/collector_restart.sh. These should be commented out by adding a # at the beginning of the line to prevent scheduled restarts from interfering with the upgrade process.

  9. Distributed cluster upgrades only - If there are Palo Alto firewalls configured for the cluster, whitelist the connections between the Reporter and the Collectors. This will prevent the firewall from identifying the ~113 SSH connections created during the Collector registration process as a threat. Alternatively, the rate at which the SSH connections are established can be slowed down by adding sleep 5 to the /home/plixer/.bashrc file on each remote Collector.

  10. AWS flow log integration only - As of version 19.2, Plixer Scrutinizer requires four log fields to be configured for AWS flog log collection: log-status, vpc-id, interface-id, and flow-direction. For further details, see the AWS flow log integration guide.

These steps are meant to identify and resolve any underlying issues with the current Plixer Scrutinizer install and help ensure that upgrade will be applied without issue.

Once completed, follow the instructions corresponding to the current install to update Plixer Scrutinizer to the latest version.

Hint

All install logs will be saved to /var/log/Scrutinizer-Install.log.

Note

As of v19.1+ Plixer Scrutinizer no longer requires the use of the root OS user, and the plixer user is the recommended user for command line access.