这篇文章总结了如何升级IBM 卫报组件以及如何修补系统

IBM 卫报修补/升级

1   检查IBM 卫报 Appliance和代理版本

2   从Fix Central下载补丁/更新
从下载服务器/代理补丁 IBM Fix Central

补丁说明:

3   从CLI安装聚合补丁程序

此方法通常适用于Central 管理r(聚合器)。登录Web GUI后,通知图标将显示一个红色数字,以通知您有可用的补丁程序。您可以通过单击下载从IBM Fix Center下载它。

下载补丁后,需要将补丁上传到Guardium管理器/聚集器。根据环境,应将修补程序上载到中央管理器或单个收集器。它总是从顶部(Manager / Aggregator)到底部(Collector)开始。

注意:强烈建议在安装修补程序之前进行完整的系统备份。

升级步骤:

  • 以“ cli”身份登录到设备
  • 输入命令“文件服务器<<ip_address>> <<duration>>‘。这将启用Web服务器
    • 执行fileserver命令后,从Web浏览器连接到设备http:// _<<appliance_name_or_ip>>:8445

cm01.51sec.org> fileserver 10.10.10.2 1200

Starting the file server...
The file server is ready at //cm01.51sec.org:8445
The timeout has been set to 1200 seconds and it may timeout during the uploading.

The upload will 上ly be accessible from the IP you are logged in from: 10.10.136.2

Press ENTER to stop the file server.

Stopping process

Register patch files in the directory:
SqlGuard-11.0p100_GPU_Nov_2019_V11.1.tgz.enc.sig
Register succeeded
ok
cm01.51sec.org>

  • 浏览本地文件系统以找到下载的补丁文件(已解压缩)
  • 单击上载按钮以将补丁文件(* .sig)上载到设备

  • 补丁上传后,只需点击“ enter”以关闭“ fileserver”
  • 在cli窗口中,使用补丁安装命令来安装补丁
    • 显示可用的系统补丁:显示可以安装的可用补丁(由于上传了一些错误的旧软件包,您可能会看到一些错误消息)
    • 立即存储系统补丁安装sys
  • 这将启动向导以安装可用的修补程序。

itprosec-tor-igcm01.51sec.org> store system patch install sys

List the files in the patches directory:

1. SqlGuard-10.0p11000_Upgrade_to_Version_11.0_Jun_2019.tgz.enc.sig
2. SqlGuard-10.0p620_Bundle_Apr_25_2019.tgz.enc.sig
3. SqlGuard-10.0p9997.tgz.enc.sig
4. SqlGuard-11.0p12_Bundle_Nov_05_2019.tgz.enc.sig
5. SqlGuard-11.0p4003_Snif_Oct_24_2019.tgz.enc.sig

Please choose patches to install (1-5, or multiple numbers separated by ",", or q to quit): 5
Install item 5

Patch has been submitted, and will be installed according to the request time,
please check installed patches report or CLI (show system patch installed).

Please don't forget to remove your media if necessary.
ok

itprosec-tor-igcm01.51sec.org> show system patch installed
P#      Who       Description                     Request Time         Status
11000   CLI       Upgrade to Version 11.0 (Jun 07 2019-08-30 11:14:11  Phase 5: Migration completed
4003    CLI       Snif Update (Oct 24 2019)       2019-12-04 17:18:45  STEP: Executing Post Install Actions
12      CLI       SqlGuard-11.0p12_Bundle_Nov_05_ 2019-12-04 17:21:01  Preparing to install patch.
ok

注意:您的安装可能由于缺少相关性而失败,如下所示:

cm01.51sec.org> store system patch install sys

List the files in the patches directory:

1. SqlGuard-10.0p11000_Upgrade_to_Version_11.0_Jun_2019.tgz.enc.sig
2. SqlGuard-10.0p620_Bundle_Apr_25_2019.tgz.enc.sig
3. SqlGuard-10.0p9997.tgz.enc.sig
4. SqlGuard-11.0p100_GPU_Nov_2019_V11.1.tgz.enc.sig
5. SqlGuard-11.0p12_Bundle_Nov_05_2019.tgz.enc.sig
6. SqlGuard-11.0p4003_Snif_Oct_24_2019.tgz.enc.sig

Please choose patches to install (1-6, or multiple numbers separated by ",", or                                                                                                              q to quit): 4
Install item 4

Dependent patches not installed successfully or not available: 9997

Please don't forget to remove your media if necessary.
ok

在上面的示例中,未首先安装最新的health_check补丁。您将需要前往修复中心来下载此最新的health_check补丁。
安装最新的运行状况检查补丁与安装其他补丁相同:
一种。通过文件服务器命令上传提取的.sig healtch_check补丁
b。存储系统补丁安装系统:选择您刚刚上传的系统
C。显示已安装的系统补丁:检查安装过程

注意:对于嗅探补丁,通常需要10分钟才能完成。但对于捆绑包,则需要30到60分钟才能完成。有时,安装后的软件包不会从列表中删除。进行选择时,您必须清楚地知道已安装了哪一台,以及现在需要安装哪一台。

4  从Web GUI为数据库安装补丁

从中央管理器(聚合器)中推出STAP

对于GIM,您需要取消选中某些过滤器以显示它。

分发补丁程序/从Central 管理r向收集器安装补丁程序

要将补丁从中央管理器分发到受管单元,必须执行以下操作之一:


该补丁已安装在中央管理器上

  • 通过运行以下CLI命令,补丁已在中央管理器上可用: store system patch available
使用以下命令将补丁分发到受管单元 中央管理 中央管理器上的页面。

  1. 导航 管理 > 中央管理 > 中央管理.
  2. 来自 中央管理 页上,选择受管单元以接收补丁,然后单击 补丁分发 button.
  3. 来自 补丁分发 页上,选择要分发的补丁。
    • 请点击 立即安装补丁 立即安装补丁。
    • 请点击 计划补丁 计划将来安装补丁程序。


5  监视并验证补丁安装

您可以通过以下方式监视和验证修补程序的安装:

  • 发出以下CLI命令: show system patch install.
  • 使用CM上的“中央管理”页面: 管理 > 中央管理 > 中央管理 > 补丁安装状态.

安装DPS更新

升级或还原过程后,您将需要更新Guardium DPS文件。下载最新的DPS文件,然后使用 硬化 > 漏洞评估 > 客户上传 上传和导入新DPS文件的工具。


单击绿色复选标记以导入上载的DPS文件。

删除卡死补丁安装

修补程序安装可能会在某些阶段卡住。就我而言,它已经停留在“准备安装补丁”上了几个小时。

guardium-v11.yourcompany.com> show system patch install
P#      Who       Description                     Request Time         Status
200     CLI       卫报 Patch Update (GPU) for 2020-08-16 10:25:16  DONE: Patch installation Succeeded.
4009    CLI       SqlGuard-11.0p4009_Snif_Jul_09_ 2020-08-18 09:14:58  Preparing to install patch.
ok
guardium-v11.yourcompany.com>


guardium-v11.yourcompany.com> delete scheduled-patch
P#      Who       Description                     Request Time         Status
200     CLI       卫报 Patch Update (GPU) for 2020-08-16 10:25:16  DONE: Patch installation Succeeded.
4009    CLI       SqlGuard-11.0p4009_Snif_Jul_09_ 2020-08-18 08:17:40  Preparing to install patch.

Please enter patch number (or q to quit): 4009
Remove the patch number 4009 to install
ok
guardium-v11.yourcompany.com> show system patch inst
P#      Who       Description                     Request Time         Status
200     CLI       卫报 Patch Update (GPU) for 2020-08-16 10:25:16  DONE: Patch installation Succeeded.
ok
guardium-v11.yourcompany.com> store system patch install sys

List the files in the patches directory:

1. SqlGuard-11.0p4009_Snif_Jul_09_2020.tgz.enc.sig

Please choose patches to install (1-1, or multiple numbers separated by ",", or q to quit): 1
Install item 1


Patch has been submitted, and will be installed according to the request time,
please check installed patches report or CLI (show system patch installed).

Please don't forget to remove your media if necessary.
ok
guardium-v11.yourcompany.com> 

生成补丁安装问题的支持日志:


guardium-v11.yourcompany.com> support must_gather patch_install_issues


This operation may take several minutes to complete.

11.2.0_r108847_v11_2_1-el76-20200529_1309
    BUILD_ID_APPLIANCE="appliance-v11_2-20200529_1309"
Please check notes in /var/IBM/Guardium/log/must_gather/patch_install_logs/ANALYZE_RESULTS.txt file.
Created file /var/IBM/Guardium/log/must_gather/patch_install_logs/patch_install.20200818092518.tgz.
ok
guardium-v11.yourcompany.com>fileserver 192.168.2.70 3600

参考文献

1   

来自Blogger //blog.fabiandinkins.com/2020/08/ibm-guardium-upgrade-patch-installation.html

通过 约翰

发表评论