Warning!: This release completely changes the inner workings of reports and compliance. If you have done custom reports or saved compliance data into the datawarehouse, please backup them before updating.

At some point a package named "ossim-database-migration" may be installed, it could take a while (around 5-10 minutes per million events) for it to migrate the event database structure. A great speedup will be achieved after this migration.

Start with:

apt-get update
apt-get dist-upgrade

It will tell you that some packages can't be authenticated. Don't worry about that, just enter "y".

You'll see different questions depending if you're upgrading from a 2.1.5 or from a 2.2 version.

You should say "y" to all the questions, all the files should be updated with the package files.

Installation will start.

- first question: about my.cnf

You can safely ignore: ERROR 1577 (HY000) at line 1: Cannot proceed because system tables used by Event Scheduler were found damaged at server start

- next question: about rsyslog.conf
- next question: about snort.conf
- next questions: about various plugin .cfg files
- next question: agent config.cfg
- next question: about apache.conf

Ignore messages about Nagios3 overlapping.

Next: the interface upgrade.

Apply Changes, wait until the browser finished loading the sql update phase. You don't need the backup since daily backups are being placed into /var/lib/ossim/backup/
Reload the page after the browser is done.

Note: ossim_setup.conf has changed a bit, please have a look at the new structure. It's less "automatic" now and you've got more power to tweak it. If you need to change the ip for example, change the admin_ip and all the others, adjusting them to your new environment. After that just issue an ossim-reconfig, just in case, and everything is finished.

There are some new things in 2.2.1 release:
- Fixed pf.cfg in the agent (thanks rossonr)
- Fixed Analysis -> SIEM -> "Real Time" -> "Manage References" link (thanks Tony carter)
- Fix in Scheduled scans (thanks mahoney)
- Added Alienvault sample policies
- Some issues in Reports fixed (thanks Kristian paul)
- permission & error for reports fixed (thanks nritter6281)
- updates warning problem, fixed
- Some security vulnerabilities (thanks to Nahuel Grisolia from www.cybsec.com)
- Some other issues.