New to RockNSM - advice on upgrades


I have been using Zeek (Bro) on Security Onion and Ubuntu for quite a while and recently came across RockNSM. Still trying to get my bearings on where things are at in terms of config etc. for tweaking and other items.

Have a couple of sensors deployed on version 2.2 and was trying to determine if there is an easy upgrade path to 2.4? I would like to upgrade in place since I have 2-3 months of data on the sensors.


Sorry for the delay here. We have had some success updating packages from 2.2 to 2.4 with yum. The trick is migrating the Elastic data. This is currently a manual process. I recommend snapshotting your Elasticsearch indices and importing them into your new cluster when it stands up.
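As an added example (not part of the original thread or of RockNSM itself), here is a shell runbook for the manual Elasticsearch snapshot-and-restore step described in the reply: register a filesystem repository, snapshot the sensor's indices, wait for the snapshot to finish, then restore it into the new cluster. Everything below the function definitions is assumption, not from the post: that Elasticsearch answers at `$ES`, that `/data/es_backup` is a path the old and new clusters can both read and that is listed under `path.repo` in `elasticsearch.yml` on both, and that the Zeek data lives in indices matching `bro-*`.

```shell
#!/bin/sh
# Snapshot Elasticsearch indices on the old RockNSM sensor and restore them
# into the new cluster. Added example; all settings below are assumptions.
set -eu

ES="${ES:-http://localhost:9200}"          # assumed Elasticsearch endpoint
REPO="${REPO:-rock_migration}"             # repository name (assumed)
REPO_PATH="${REPO_PATH:-/data/es_backup}"  # must appear in path.repo on BOTH clusters
SNAP="${SNAP:-rock22-$(date +%Y%m%d)}"     # snapshot name (assumed naming)
INDICES="${INDICES:-bro-*}"                # assumed Zeek index pattern

# Pull the snapshot state (IN_PROGRESS, SUCCESS, PARTIAL, FAILED) out of a
# GET /_snapshot/<repo>/<snap> response without needing jq.
snapshot_state() {
    printf '%s' "$1" | grep -o '"state":"[A-Z_]*"' | head -n 1 | cut -d'"' -f4
}

# JSON body for the snapshot and restore calls. include_global_state=false
# keeps the old cluster's settings and templates out of the new cluster.
index_body() {
    printf '{"indices":"%s","ignore_unavailable":true,"include_global_state":false}' "$1"
}

register_repo() {
    curl -sS -XPUT "$ES/_snapshot/$REPO" -H 'Content-Type: application/json' \
        -d "{\"type\":\"fs\",\"settings\":{\"location\":\"$REPO_PATH\",\"compress\":true}}"
    echo
}

take_snapshot() {
    curl -sS -XPUT "$ES/_snapshot/$REPO/$SNAP?wait_for_completion=false" \
        -H 'Content-Type: application/json' -d "$(index_body "$INDICES")"
    echo
    # Poll until the snapshot leaves IN_PROGRESS; fail loudly on anything but SUCCESS.
    while :; do
        state="$(snapshot_state "$(curl -sS "$ES/_snapshot/$REPO/$SNAP")")"
        echo "snapshot $SNAP: $state"
        case "$state" in
            IN_PROGRESS) sleep 10 ;;
            SUCCESS)     break ;;
            *)           echo "snapshot did not complete cleanly: $state" >&2; exit 1 ;;
        esac
    done
}

restore_snapshot() {
    # Run on the NEW cluster after register_repo has been run there too.
    curl -sS -XPOST "$ES/_snapshot/$REPO/$SNAP/_restore" \
        -H 'Content-Type: application/json' -d "$(index_body "$INDICES")"
    echo
}

case "${1:-}" in
    snapshot) register_repo; take_snapshot ;;
    restore)  register_repo; restore_snapshot ;;
    "")       ;;  # sourced or run with no arguments: define functions only
    *)        echo "usage: $0 snapshot|restore" >&2; exit 2 ;;
esac
```

Run `./migrate.sh snapshot` on the 2.2 sensor before rebuilding it, make sure the repository directory survives (or copy it to the new host), then run `./migrate.sh restore` against the new cluster. Two checks are worth doing before tearing the old cluster down: confirm `path.repo` is set on both sides, since the repository registration fails without it, and confirm the Elasticsearch versions shipped with 2.2 and 2.4 fall within Elasticsearch's snapshot restore compatibility window, because a snapshot from too old a version cannot be restored into a newer cluster.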