Aanval:Aanval 7 to Aanval 8 Upgrade Guide
This document instructs users upgrading from Aanval 7 (SAS) to Aanval 8. Please follow the instructions closely and back up your installation as indicated. Also, be careful with any delete commands, as they can do damage to your system if you are unsure of what you are doing.
If you have any questions or concerns, please contact support or sales as necessary.
- Stop the Aanval Background Processing Units (BPUs) to ensure all console operations have ceased prior to beginning the upgrade process. This can be done by executing the following command from within the /apps/ directory of your current Aanval installation:
    perl idsBackground.pl -stop
- Verify these processes have stopped by running the commands below:
    ps aux | grep BPU
    ps aux | grep php
- Check to ensure they have successfully stopped, as processes that are still running may cause complications. You may either manually kill any remaining processes or wait for them to end.
- Make a backup copy or simply save the contents of your /conf/conf.php and keep it handy. The settings contained within will be used during the installation/upgrade process momentarily.
- Make a complete backup copy of your current Aanval directory in the event you need to roll back or return to a working version. This can be done with the following command:
    # The archive is written to the parent directory so that the delete step below does not remove it.
    tar -cf ../aanval_backup.tar *
- WARNING: Please ensure you are within your current Aanval directory when you issue the following command! If you are unsure, ask someone!
- Delete the contents of your current Aanval directory, as it needs to be empty for the new installation/upgrade to work as intended. This can be done with the following command:
    rm -rf *
- Download the latest release of Aanval 8 and uncompress it within your (now empty) Aanval directory. This can be done with the following commands:
    tar -zxvf aanval-8-latest-stable.tar.gz
- Point your web browser to your Aanval web server directory and follow the instructions provided to continue and finish your Aanval 8 installation/upgrade.
  Note: within the configuration section of this portion, you will need to enter the configuration options you set aside in previous steps.
- If any permissions problems are identified, please resolve them during the installation/upgrade portion to prevent damage to the system.
- If you are utilizing Aanval's Sensor Management Tools (SMTs) for signature management, make sure to issue commands for each sensor to Get Configuration and Get Rules, to sync sensor data with the new version of Aanval.
- Start the Background Processing Units by changing to your installation's /apps directory and issuing the following command:
    perl idsBackground.pl -start
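The backup and delete steps above can be guarded so that the delete cannot run in the wrong directory or before a backup exists. The following is an added example, not part of the original guide or of Aanval itself; the function names and the `conf.php.aanval7` file name are hypothetical, and it assumes an Aanval 7 directory can be recognised by the two paths the guide names (`apps/idsBackground.pl` and `conf/conf.php`).

```shell
#!/bin/sh
# Added example (hypothetical helper names). Marker files are the two
# paths the guide names: apps/idsBackground.pl and conf/conf.php.

# True only if $1 looks like an Aanval installation directory.
is_aanval_dir() {
    [ -n "$1" ] && [ -f "$1/apps/idsBackground.pl" ] && [ -f "$1/conf/conf.php" ]
}

# Archive $1 into directory $2, which must lie outside $1, then verify it.
backup_aanval() {
    src=$1; dest=$2
    is_aanval_dir "$src" || { echo "not an Aanval directory: $src" >&2; return 1; }
    src_abs=$(cd "$src" && pwd -P) || return 1
    dest_abs=$(cd "$dest" && pwd -P) || { echo "no such directory: $dest" >&2; return 1; }
    case "$dest_abs/" in
        "$src_abs"/*) echo "backup directory is inside $src" >&2; return 1 ;;
    esac
    archive="$dest_abs/aanval_backup.tar"
    # umask 077: the archive and the conf.php copy are readable by the owner only.
    ( umask 077 &&
      tar -cf "$archive" -C "$src_abs" . &&
      cp "$src_abs/conf/conf.php" "$dest_abs/conf.php.aanval7" ) || return 1
    # Confirm the archive is readable and really contains the configuration file.
    tar -tf "$archive" | grep -q 'conf/conf\.php$' || return 1
    printf '%s\n' "$archive"
}

# Empty $1 (dotfiles included) only when a backup already exists in $2.
clear_aanval_dir() {
    src=$1; dest=$2
    is_aanval_dir "$src" || { echo "refusing to delete: $src is not an Aanval directory" >&2; return 1; }
    [ -s "$dest/aanval_backup.tar" ] || { echo "refusing to delete: no backup in $dest" >&2; return 1; }
    find "$src" -mindepth 1 -delete
}

# Usage: backup_aanval /path/to/aanval /path/to/backups &&
#        clear_aanval_dir /path/to/aanval /path/to/backups
```

Keeping the backup directory outside the web server's document root avoids serving the archived configuration file to browsers.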
If you have any questions, comments, or concerns, please contact Aanval support or sales as necessary.