Current ThreatQ Version Filter
 

ThreatQ Version 5.10.1 Release Notes

Release Date: 2023-01-19
Download PDF Version

ThreatQ Release Notes Header

What's New in Version 5.10.1

The ThreatQuotient team is pleased to announce the availability of ThreatQ version 5.10.1. Below is a list of enhancements, important bugs that have been addressed, and upgrade instructions.

You can access these release notes, along with other ThreatQ product documentation on the ThreatQ Help Center.

Upgrade Impact

The upgrade is expected to take the standard amount of time for a ThreatQ upgrade. The exact time to complete the upgrade depends on your specific environment and resources.

After you start the upgrade, do not cancel the installation. Doing so will leave your system in an unusable state.

Upgrading from... Full Reindex Required Data Migration Required Server Reboot Required
5x
No
Yes
Yes
4x
Yes
Yes
Yes
 

If you are upgrading to this release from 5.6 or earlier, a full reindex is required.

ThreatQ Platform (TQ)

The following is a list of new features and bug fixes for the ThreatQ platform available when you upgrade from ThreatQ v5.10, or earlier, to 5.10.1.

New/Updated Features

Exports | Differential Data
To decrease the time required for exports that pull differential data, we added an index for the object_modified_at field. In addition, we added a current timestamp to the modified at column for all objects.
To support customers that use custom objects, we added an index for the modified at column to the existing custom objects’ touched at tables. When you install a new custom object, this index is created for the new custom object.
Exports | Initial Data Pull
We modified the initial data pull process for exports to ensure that all records are exported whether or not the modified_at field contains a timestamp.

Notable Bug Fixes

  • After upgrading from ThreatQ v4.58.1 to 5.10.0 or an earlier 5x version:
    • The load time for dashboards and the Threat Library increased.
    • Multiple objects were missing from the Threat Library.
  • When you upgraded a ThreatQ instance that did not include ifconfig from 4x to 5x, Solr was unable to communicate with MariaDB. We resolved this issue by adding the net-tools package, which includes ifconfig, as a dependency to our RPMs and including it in the TQ version artifact.
  • In some instances, when you attempted to save a custom dashboard, ThreatQ returned a Serialization failure error.
  • The reset expirations by source process generated new processes that caused MySQL to run out of connections.

Install Notes

  • To upgrade from a 4x version to 5x, you must be on the most recent 4x release.
  • For the upgrade from the most recent 4x release to 5x, you will need to enter your MySQL root password during the upgrade process.
  • The following warning will be displayed during the upgrade process:
    Warning: RPMD altered outside of yum.
    **Found 5 pre-existing rpmdb problem(s), ‘yum’ check output follows
    This warning does not require any action on your part and will be resolved during the upgrade.
  • Do not restart your instance during the upgrade process.

We highly recommend that you perform a backup of your ThreatQ instance before upgrading.

How to Upgrade

The TQAdmin tool used for platform checks and upgrades requires elevated privileges and must be run as root.

To elevate to root, run the following command:

# sudo su -

Platform Check

ThreatQ version 5x provides you with the ability to run an independent preflight check, prior to upgrading, to ensure adequate disk space. The system will also scan your installed integrations for any incompatible versions.  You will be unable to perform the upgrade if an incompatible integration version is detected. 

This scan does not apply to integrations installed on third-party systems such as the ThreatQ App for QRadar.

Run a platform check for the most recent ThreatQ version:

# tqadmin platform check

Run a platform check for a specific version:

# tqadmin platform check -v <version number> 

Upgrade Commands

To upgrade, run the following command:

# tqadmin platform upgrade

To upgrade to a specific version, run the following command:

# tqadmin platform upgrade -v <version number>

To discuss planning your upgrade, don't hesitate to get in touch with your Customer Success Engineer.

As always, contact our Customer Support Team if you encounter problems when upgrading or need assistance.

Thank you,

The ThreatQuotient Team

Email Support  support@threatq.com
Web Support support.threatq.com
Support Phone 703.574.9893