
Apply System Updates to a Data Indexer

LogRhythm DX services install from their own custom repository, allowing customers to apply OS patching against BaseOS and AppStream repositories without impacting the LogRhythm software. Other packages, including Elasticsearch, must only be updated as part of a LogRhythm upgrade. If you detect any vulnerabilities after following these instructions, please contact LogRhythm Support.

Apply Linux System Updates

Linux system updates should generally be applied as they become available.

To update your Linux Data Indexer:

CODE
sudo yum update

Multi-Node Cluster

Disable Elasticsearch cluster routing before updating CentOS:

CODE
curl -XPUT localhost:9200/_cluster/settings -H "Content-Type: application/json" -d '{ "persistent":{"cluster.routing.allocation.enable": "none"}}'

Restart the Data Indexer nodes one at a time, and let each node rejoin the cluster before updating the next.

Enable Elasticsearch cluster routing:

CODE
curl -XPUT localhost:9200/_cluster/settings -H "Content-Type: application/json" -d '{ "persistent":{"cluster.routing.allocation.enable": "all"}}'
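
The multi-node steps above with the checks worth making between them, as an added example (not LogRhythm tooling): it confirms that the allocation setting took effect and waits for a restarted node to rejoin before the next node is touched. The `disable`/`wait`/`enable` subcommands, the expected node count argument and the 10-minute timeout are assumptions; the write requests are the ones on the page, plus read-only `_cluster/settings` and `_cluster/health` calls.

```bash
#!/usr/bin/env bash
# Added example, not LogRhythm tooling. Subcommands and timeout are assumptions.
ES="${ES:-localhost:9200}"
# Read cluster.routing.allocation.enable from a flat_settings response body.
# Prints "all" (the Elasticsearch default) when the key is not set.
allocation_mode() {
  local v
  v=$(printf '%s' "$1" |
      grep -o '"cluster\.routing\.allocation\.enable" *: *"[a-z_]*"' |
      sed 's/.*: *"\([a-z_]*\)"/\1/') || true
  printf '%s\n' "${v:-all}"
}

# Pull one scalar field out of a _cluster/health response body.
health_field() {  # $1 = JSON body, $2 = field name
  printf '%s' "$1" | grep -o "\"$2\" *: *\"\{0,1\}[A-Za-z0-9_]*" |
    sed 's/.*: *"\{0,1\}//'
}

# Rejoined = node count is back to the expected value and status is not red.
# Replicas can stay unassigned (yellow) while allocation is "none".
node_rejoined() {  # $1 = health JSON, $2 = expected node count
  [ "$(health_field "$1" number_of_nodes)" = "$2" ] || return 1
  case "$(health_field "$1" status)" in green|yellow) return 0 ;; *) return 1 ;; esac
}

set_allocation() {  # $1 = none | all; same request as on the page
  curl -fsS -XPUT "$ES/_cluster/settings" -H "Content-Type: application/json" \
    -d "{ \"persistent\":{\"cluster.routing.allocation.enable\": \"$1\"}}" >/dev/null
}

wait_for_rejoin() {  # $1 = expected node count; polls for up to 10 minutes
  local i body
  for i in $(seq 1 60); do
    body=$(curl -fsS "$ES/_cluster/health" 2>/dev/null) &&
      node_rejoined "$body" "$1" && return 0
    sleep 10
  done
  return 1
}

case "${1:-}" in
  disable) set_allocation none && s=$(curl -fsS \
             "$ES/_cluster/settings?flat_settings=true&filter_path=persistent") &&
           [ "$(allocation_mode "$s")" = none ] ;;
  wait)    wait_for_rejoin "${2:?expected node count}" ;;
  enable)  set_allocation all ;;
esac
```

Run `disable` once before the first node, `wait <node count>` after each node restarts, and `enable` after the last node has rejoined. A non-zero exit from `disable` or `wait` means the next node should not be updated yet.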

Apply Windows System Updates

Data Indexer Services on Windows Systems (XM) should follow Operating System Patch Management procedures as documented.
