Upgrade procedure

You can upgrade from a V40x platform to V41. If you are using an older version of the SOAR platform, you must first upgrade to V40.

Visit IBM Support Fix Central to acquire the software package. By default, the security updates and optional packages are included in the SOAR software package; however, you can select a different download option so that you can download each package separately.

If Disaster Recovery is enabled, it must be disabled before upgrading the SOAR platform.

Note: If your SOAR platform is configured to use App Hosts, it is recommended that you also upgrade the App Host software to take advantage of the latest features.
Note: A password policy is implemented for the V40 release. By default, user passwords expire in 90 days and API key accounts expire in one year. The expiration time starts immediately upon upgrade. You can change the duration as described in the Password and API key expiration section. For details on the password policy, see What's new in V41 for details.

Complete the following steps to upgrade your SOAR platform.

  1. Use one of the following commands to install the file that you acquired from IBM Security using the actual version number (typically in the format x.x.x) in the file name.

    During the upgrade, the script automatically backs up the database. To allow the backup, use this command:

    sudo bash soar-<version>.run
    

    If you back up your database separately and do not want it backed up automatically as part of the upgrade, use these commands:

    export RES_SKIP_DBBACKUP=1
    sudo –E bash soar-<version>.run
    

    Depending on the amount of data, you might experience longer upgrade times. You can monitor the progress by examining the update_database_x.log as follows, where the x represents the timestamp of the database upgrade:

    sudo tail -f /usr/share/co3/logs/update_database_x.log
    

    If you have any questions regarding this update, contact our support team at https://ibm.com/mysupport.

  2. Install the security updates by running the following command:
    sudo bash soar-appliance-security-update-<V>.run
  3. Restart the Resilient messaging service by entering the following command:
    sudo systemctl restart resilient-messaging.service
The upgrade of the SOAR platform proceeds. If the upgrade fails, output similar to the following is displayed:
Post-installation setup has failed
Failed to upgrade resilient
To roll back the installation, run the command: 
sudo bash /crypt/resRollbackServerUpgrade /crypt/backups/resilient-xxxx.sql.gz
To revert to the previous state, enter the following command, which are based on the preceding output:
sudo bash /crypt/resRollbackServerUpgrade /crypt/backups/resilient-xxxx.sql.gz
Note: After the upgrade has completed, no changes are made to existing roles to add permissions for new features. Administrators with the Roles permission can add permissions for new features to existing roles, as required.
Note: This release replaces the bcrypt password-hashing function used for encrypting passwords to PBKDF2. After upgrading, make sure all users log in again which automatically uses the new method. The same applies to all apps using an API key account.