• Support
  • Forums
  • Blogs

Why upgrade was skipped?

xhyxhy

New Life Form
I have tried to upgrade OSSIM 5.3 to 5.4.
It prompt a successful upgrade of OSSIM but the version and feature didn't change at all.
Went to check the upgrade logs in /var/log/alienvault/update, and it shows upgrade was skipped and the message is showed below:
Is there any configuration need to be done?

Mon Jul 31 10:02:36 2017 Console log mode on
Mon Jul 31 10:02:36 2017 Getting IP
Mon Jul 31 10:02:37 2017 --------------------------------------------------------------------------------
Mon Jul 31 10:02:37 2017 Common Profile: Backup ossim_setup.conf
Mon Jul 31 10:02:37 2017 + Common Profile: Backup saved to /etc/ossim/.ossim_setup.conf_backup
Mon Jul 31 10:02:37 2017 + Setting the hostname (SIEM)
Mon Jul 31 10:02:37 2017 + echo "SIEM" > /etc/hostname
Mon Jul 31 10:02:37 2017 + Common Profile: Checking aliases
Mon Jul 31 10:02:37 2017 Common Profile: Updating /etc/issue
Mon Jul 31 10:02:37 2017 Common Profile: Updating /etc/motd.tail
Mon Jul 31 10:02:37 2017 Common Profile: Updating repositories
Mon Jul 31 10:02:37 2017 + Skipping /etc/snmp/snmpd.conf
Mon Jul 31 10:02:37 2017 + Updating bashrc
Mon Jul 31 10:02:37 2017 + updating crontab (cron.hourly: send out and err to devnull)
Mon Jul 31 10:02:37 2017 + updating crontab (cron.hourly: run at one minute past of every hour)
Mon Jul 31 10:02:37 2017 + Configuring Ntp server syncronization in cron.hourly (filename: ntpdate)
Mon Jul 31 10:02:37 2017 Skip upgrade
Mon Jul 31 10:02:37 2017 -------------------------------------------------------------------------------
Mon Jul 31 10:02:37 2017 Configuring Database Profile
Mon Jul 31 10:02:37 2017 + Database Profile: Updating ossim config table
Mon Jul 31 10:02:37 2017 + Database Profile: Preconfiguring framework file
Mon Jul 31 10:02:37 2017 + Database Profile: Configuring VPN
Mon Jul 31 10:02:37 2017 + Database Profile: Vpn Key found.
Mon Jul 31 10:02:37 2017 + Database Profile: Inserting into alienvault.host table
Mon Jul 31 10:02:37 2017 Skip upgrade
Mon Jul 31 10:02:37 2017 -------------------------------------------------------------------------------
Mon Jul 31 10:02:37 2017 Configuring Server Profile
Mon Jul 31 10:02:37 2017 + System UUID: 4c4c4544-0033-3010-8035-b8c04f483832
Mon Jul 31 10:02:38 2017 + Server Profile: Updating acl_entities table
Mon Jul 31 10:02:38 2017 + Server Profile: System update
Mon Jul 31 10:02:38 2017 + Server Profile: Configuring monit memory threshold to 45%
Mon Jul 31 10:02:38 2017 Skip upgrade
Mon Jul 31 10:02:38 2017 -------------------------------------------------------------------------------
Mon Jul 31 10:02:38 2017 Configuring Framework Profile
Mon Jul 31 10:02:38 2017 + Framework Profile: Add www-data user to alienvault group
Mon Jul 31 10:02:38 2017 + Database Profile: Updating risk maps 
Mon Jul 31 10:02:38 2017 + Framework Profile:  Updating Framework configuration file
Mon Jul 31 10:02:38 2017 + Framework Profile: Adjusting permissions
Mon Jul 31 10:02:38 2017 + Framework Profile:  Configuring  Apache rewrite module
Mon Jul 31 10:02:38 2017 + Framework Profile: Configuring Apache SSL module
Mon Jul 31 10:02:38 2017 + Framework Profile: Configuring Apache auth module
Mon Jul 31 10:02:38 2017 + Framework Profile: Disabling Apache autoindex module
Mon Jul 31 10:02:38 2017 + Framework Profile: Enabling HTTPS by default:
Mon Jul 31 10:02:38 2017 + Framework Profile: Disabling HTTP default site
Mon Jul 31 10:02:38 2017 + Framework Profile: Configuring certificate /etc/ssl/certs/ossimweb.pem for https
Mon Jul 31 10:02:38 2017 + Framework Profile: Updating Nagios configuration for chk-livestatus
Mon Jul 31 10:02:39 2017 + Framework Profile: Updating /etc/nagios3/nagios.cfg (broker_module)
Mon Jul 31 10:02:39 2017 + Framework Profile: Updating Nagios configuration
Mon Jul 31 10:02:39 2017 Framework Profile: add www-data to nagios group, for nagios commands)
Mon Jul 31 10:02:39 2017 + Framework Profile: Configuring Nagios stylesheets
Mon Jul 31 10:02:39 2017 + Framework Profile: change owner to nfsen config: chown www-data: /etc/nfsen/nfsen.conf
Mon Jul 31 10:02:39 2017 + Framework Profile: sensor 4C4C4544003330108035B8C04F483832 is an uuid. Translation already done. Skipping
Mon Jul 31 10:02:39 2017 + Framework Profile: Updating Nagios configuration
Mon Jul 31 10:02:39 2017 + Framework Profile: Updating apache configuration.
Mon Jul 31 10:02:39 2017 + Framework Profile: Configuring the default apache ssl config file.
Mon Jul 31 10:02:39 2017 + Framework Profile: Updating Apache configuration files.
Mon Jul 31 10:02:39 2017 + Framework Profile: Set default apache security config file.
Mon Jul 31 10:02:39 2017 + Framework Profile: Set apache dir config file.
Mon Jul 31 10:02:39 2017 + Framework Profile: Updating Apache configuration
Mon Jul 31 10:02:39 2017 + Framework Profile: Updating Ossim-agent windows installer server ip
Mon Jul 31 10:02:39 2017 + Framework Profile: Inserting into alienvault.host table
Mon Jul 31 10:02:39 2017 + Framework Profile: Update plugins vulnerabilities
Mon Jul 31 10:02:39 2017 + Framework Profile: Updating postcorrelation config tzone
Mon Jul 31 10:02:39 2017 + /etc/ossim/framework/post_correlation.cfg not found
Mon Jul 31 10:02:39 2017 + Openvas4 Found.
Mon Jul 31 10:02:39 2017 Framework Profile: Checking/Setting ossec initscript
Mon Jul 31 10:02:39 2017 + Framework Profile: already set
Mon Jul 31 10:02:39 2017 Updating cron files
Mon Jul 31 10:02:39 2017 Updating alienvault-passvulnscan
Mon Jul 31 10:02:39 2017 Configuring Squid proxy for updates
Mon Jul 31 10:02:44 2017 Reconfiguring Squid proxy for cache peer
Mon Jul 31 10:02:44 2017 + Framework Profile: (sub aes_encrypt_db)
Mon Jul 31 10:02:45 2017 + Framework Profile: Update password (AES_ENCRYPT)
Mon Jul 31 10:02:45 2017 Skip upgrade
Mon Jul 31 10:02:45 2017 -------------------------------------------------------------------------------
Mon Jul 31 10:02:45 2017 Config Sensor Profile
Mon Jul 31 10:02:45 2017 Update OSSEC plugin reference
Mon Jul 31 10:02:45 2017 + Sensor Profile: Update Agent interfaces
Mon Jul 31 10:02:45 2017 + Sensor Profile: Parse agent config file
Mon Jul 31 10:02:45 2017 + Sensor Profile: Compatibility Agent distributed mode: Default Sensor Overrride not found, set False
Mon Jul 31 10:02:45 2017 + Sensor Profile: Config IDS rules flow control
Mon Jul 31 10:02:45 2017 + Sensor Profile: Config fprobe
Mon Jul 31 10:02:45 2017 + Sensor Profile: Add sensor to db.
Mon Jul 31 10:02:45 2017 + Sensor Profile: Computed sensor (local) timezone ('Asia/Singapore') offset: '8'
Mon Jul 31 10:02:45 2017 + Sensor Profile: System update
Mon Jul 31 10:02:45 2017 + Sensor Profile: updating monitrc
Mon Jul 31 10:02:45 2017 + Sensor Profile: Updating monitrc fprobe
Mon Jul 31 10:02:45 2017 --------------------------------------------------------------------------------
Mon Jul 31 10:02:45 2017 Common Profile: Setting permissions for /var/log/ossim/*.log
Mon Jul 31 10:02:45 2017 Common Profile: triggering for alienvault-config-sensor-detectors
Mon Jul 31 10:02:45 2017 Common Profile: triggering for alienvault-restart-firewall
Mon Jul 31 10:02:45 2017 Common Profile: Update ossim_setup.conf_last
Mon Jul 31 10:02:45 2017 Common Profile: Setting permissions for /etc/ossim/ossim_setup.conf*
Mon Jul 31 10:02:45 2017 Restarting ossim-server
Mon Jul 31 10:02:47 2017 Restarting ossim-framework
Mon Jul 31 10:02:53 2017 Restarting apache2
Mon Jul 31 10:02:53 2017 Restarting squid3
Mon Jul 31 10:03:01 2017 Restarting nagios3
Mon Jul 31 10:03:01 2017 Restarting nfsen
Mon Jul 31 10:03:07 2017 Restarting sensors
Mon Jul 31 10:03:07 2017 Restarting monit
Mon Jul 31 10:03:07 2017 Start rc.local
Mon Jul 31 10:03:07 2017 Disable services
Mon Jul 31 10:03:08 2017 Enable services
Mon Jul 31 10:03:09 2017 Configuration finished

Share post:

Answers

  • xhy,

    Could you tell us how you performed this upgrade? 

    Also, could you try upgrading by jailbreaking and running the following command, providing any errors at the end of the process?

    alienvault-update -c -v -d
  • xhyxhy
    edited August 2017
    Hi kcoe,

    I'm using the System Preferences UI.

    I have tried "alienvault-update -c -v -d" and I'm getting the following error:

    E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
    + echo 'ERROR: Failed to install new Suricata version!'
    ERROR: Failed to install new Suricata version!
    + return 1
    ## update_suricata_refresh_conf, code 1

    I also tried "apt-get update" followed by "alienvault-update -c -v -d" and getting the same error.


    Update:
    After reboot and "alienvault-update -c -v -d" does not work anymore. It back to "Skip upgrade" message which shown in first post.

  • You can run this to show broken packages-

    dpkg -l | grep -v ^ii

    That may point you in the right direction.

    Rus

  • I was managed to upgrade after few days of trying and finally success. I do not know what is the reason and I have never change any settings in alienvault but just somehow managed to upgrade successful. Pretty strange.
Sign In or Register to comment.