ThreatQ v6 Upgrade Instructions
Review the following notes before upgrading a ThreatQ 6x instance to a new version.
Upgrading a Non-Air Gapped ThreatQ Instance
Platform Check
ThreatQ version 6x provides you with the ability to run an independent preflight check, prior to upgrading, to ensure adequate disk space. The system will also scan your installed integrations for any incompatible versions. You will be unable to perform the upgrade if an incompatible integration version is detected.
This scan does not apply to integrations installed on third-party systems such as the ThreatQ App for QRadar.
Run a platform check for the most recent ThreatQ version:
# sudo /usr/local/bin/tqadmin platform check
Run a platform check for a specific version:
# sudo /usr/local/bin/tqadmin platform check -v <version number>
Upgrade Commands
To upgrade, run the following command:
# sudo /usr/local/bin/tqadmin platform upgrade
To upgrade to a specific version, run the following command:
# sudo /usr/local/bin/tqadmin platform upgrade -v <version number>
Upgrading an Air Gapped ThreatQ Instance
See the ThreatQ Platform Air Gapped Installation Guide for detailed information on new installs of ThreatQ on an air gapped device.
If you are upgrading from one 6x release to another, you can use the following steps.
Contact ThreatQ Support if you encounter any issues during the upgrade or require assistance.
Stage 1: Download the Air Gap Upgrade File
To download the air gap upgrade file from a browser:
- Copy the following location to your browser's address bar:
https://<YUM_USER>:<YUM_PASSWORD>@install-v6.threatq.com/<version>-platform.tar.gz
- Open the CLI of the device to upgrade and copy the upgrade file to
/root/using the SCP client of your choice. - Return to the CLI of the device and confirm that the upgrade file is present.
To download the air gap upgrade file via curl:
- Run the following command:
curl https://<YUM_USER>:<YUM_PASSWORD>@install-v6.threatq.com/<version>-platform.tar.gz -o <version>-platform.tar.gz
- Transfer the upgrade file to
/root/on the air gapped box.
Stage 2: Upgrade the Air Gapped Box
- Log into the air gapped box as a root user.
- Run the following command to upgrade the air gapped box:
tqadmin platform upgrade -v <release number> -zExample:tqadmin platform upgrade -v 6.2.0 -z
- The upgrade process looks for the upgrade tarball in the
/root/location. If the file is not in that location, you are prompted to enter the absolute path of the tarball.
Important Preflight Checks
The following is a list of important preflight checks that TQAdmin completes prior to upgrading your ThreatQ instance. If a preflight check identifies an issue, TQAdmin halts your upgrade and returns a message describing next steps.
- ThreatQ v6.10.0 Check:
- If the preflight check for the upgrade to ThreatQ 6.11.0 or later determines that your instance is running ThreatQ 6.9.1 or earlier, it halts the upgrade process and returns the following message: Your installed version of <version number> does NOT meet the minimum requirement for this upgrade. Please upgrade to version 6.10.0 by running ‘tqadmin platform upgrade -v 6.10.0’ before proceeding to the latest.
- TQO Advanced Workflow Check:
- If the preflight check for the upgrade to ThreatQ 6.8.0 or later determines that your instance includes a ThreatQ TDR Orchestrator (TQO) advanced workflow (CDW), it halts the upgrade process and returns the following message: CDW Check failed. Exiting Installation. Please reach out to TQ Support for steps to continue your upgrade.
Contact ThreatQuotient Support for assistance in upgrading your system.
- If the preflight check for the upgrade to ThreatQ 6.8.0 or later determines that your instance includes a ThreatQ TDR Orchestrator (TQO) advanced workflow (CDW), it halts the upgrade process and returns the following message: CDW Check failed. Exiting Installation. Please reach out to TQ Support for steps to continue your upgrade.
- Custom Group Checks:
- If the preflight check for the upgrade to ThreatQ 6.7.4 or later encounters a user assigned to more than one user role, it halts the upgrade process and returns the following message: Custom Group check failed. Exiting Installation. Please reach out to TQ Support for steps to continue your upgrade.
Contact ThreatQuotient Support for assistance in upgrading your system. - If the preflight check for the upgrade to ThreatQ 6.7.0 or later encounters a custom group, it halts the upgrade process and returns the following message: Exiting Installation. Please reach out to TQ Support for steps to continue your upgrade.
Contact ThreatQuotient Support for assistance in upgrading your system.
- If the preflight check for the upgrade to ThreatQ 6.7.4 or later encounters a user assigned to more than one user role, it halts the upgrade process and returns the following message: Custom Group check failed. Exiting Installation. Please reach out to TQ Support for steps to continue your upgrade.