TOC & Recently Viewed

Recently Viewed Topics

Upgrade the LCE Server

The following table lists the upgrade paths for the LCE server with links to release notes, as well as the compatible versions of SecurityCenter and LCE clients. If you have a version of LCE that does not appear in the From... column corresponding to the version you are trying to upgrade to, you must first upgrade to an intermediate version. For example, if you were currently using 4.4.x, you would first need to upgrade to 4.8 before upgrading to 5.0.

Upgrade to... From... Compatible versions of SecurityCenter Compatible LCE clients
5.0 4.8.x SecurityCenter version 5.1 or later.

Clients version 4.0.0 or later. Older LCE clients will not be able to log in and send event data to LCE 4.4 to 5.0.

4.8.1 4.8, 4.6.x SecurityCenter version 4.6.2.2 or later.
4.8 4.6.x, 4.4.x SecurityCenter version 4.6.2.2 or later.
4.6.1 4.6, 4.4.x SecurityCenter version 5.1 or later.
4.6 4.4.x SecurityCenter version 4.6.2.2 or later.
4.4.1 4.4, 4.2.2 SecurityCenter version 4.6.2.2 or later.
4.4 4.2.2 SecurityCenter version 4.6.2.2 or later.

LCE will work with older versions of SecurityCenter than those listed, but some new features will not be supported.

Before You Begin

Caution: When upgrading to LCE 5.0, review the updated system requirements. In order to utilize LCE 5.0, your system will require about twice the previous minimum disk space, and about 33% more computing power and RAM. It is not recommended that you upgrade a system that is already operating at maximum capacity while utilizing an older version of LCE.

The following procedure must be performed as the root user.

Upgrade Procedure

To upgrade, enter the following command: rpm -Uvh <package name>, where <package name> is the name of the LCE server package you downloaded from the Tenable Support Portal. You do not need to stop the LCE server before upgrading.

# rpm -Uvh lce-5.0.0-el6.x86_64.rpm

Preparing...       ########################################### [100%]

1:lce              warning: /opt/lce/.ssh/authorized_keys created as /opt/lce/.ssh/authorized_keys.rpmnew

########################################### [100%]

Moving deprecated file lce.conf to /opt/lce/tmp; OK to delete it once upgrade succeeds.

Moving deprecated file feed.cfg to /opt/lce/tmp; OK to delete it once upgrade succeeds.

Moving deprecated file rules.conf to /opt/lce/tmp; OK to delete it once upgrade succeeds.

Moving deprecated file excluded_domains.txt to /opt/lce/tmp; OK to delete it once upgrade succeeds.

Moving deprecated file trusted_plugins.txt to /opt/lce/tmp; OK to delete it once upgrade succeeds.

Moving deprecated file hostlist.txt to /opt/lce/tmp; OK to delete it once upgrade succeeds.

Moving deprecated file untracked_usernames.txt to /opt/lce/tmp; OK to delete it once upgrade succeeds.

Moving deprecated file disabled-tasls.txt to /opt/lce/tmp; OK to delete it once upgrade succeeds.

Moving deprecated file disabled-prms.txt to /opt/lce/tmp; OK to delete it once upgrade succeeds.

Moving deprecated file sampleable_tasls.txt to /opt/lce/tmp; OK to delete it once upgrade succeeds.

Moving deprecated file syslog_sensors.txt to /opt/lce/tmp; OK to delete it once upgrade succeeds.

The installation process is complete.

Please refer to /var/log/lce_upgrade.log to review installation messages.

 

To configure LCE, please direct your browser to:

   https://192.168.0.123:8836

After the upgrade, changes to the LCE configuration will be done using the LCE interface. To access the LCE interface navigate to the IP address or hostname of the LCE server over port 8836 (https://<ip address or hostname>:8836). The previous configuration files are stored in /opt/lce/tmp and may be deleted once the upgrade is determined to be successful.

Additional Steps for 5.0

After upgrading the server to 5.0, you must also migrate data from your silos to Elasticsearch databases using a tool included with the LCE 5.0 package. After validating that there are no issues with the databases, you can then use the same tool to remove the old silos.

Migrating Silos

To migrate silos, enter the following command: /opt/lce/tools/migrateDB-toES. The following table describes the arguments that can be used with the tool.

Argument Description
--migrate-all-silos Data from all existing silos will be migrated into Elasticsearch databases.
--migrate-silo <silo_number> Migrates data from a silo to an Elasticsearch database, where <silo_number> is the silo number that you want to migrate.
--migrate-silo <pathOf__.ndb[.gz]> <pathOf__lceN-log_store/> Migrates an archived silo and log store.
--list-ndbLdb-silos Lists silos containing NDB and LDB data.
--list-ES-silos Lists Elasticsearch databases

Removing Silos

To remove old silos, enter the following command: /opt/lce/tools/migrateDB-toES. The following table describes the arguments that can be used with the tool.

Argument Description
--remove-all-silos All existing NDB/LDB silos will be remove.
--remove-silo <silo_number> Removes a specific NDB/LDB silo, where <silo_number> is the number of the silo that you want to remove.
--remove-archive-silo <pathOf__.ndb[.gz]> Removes an archived silo, where <pathOf__.ndb[.gz]> is the path to the archived silo that you want to remove.
--remove-migrating-silo Removes a silo that is in the process of migrating.

Copyright © 2017. Tenable Network Security, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are registered trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.