Upgrade FortiAnalyzer-BigData

Before you upgrade FortiAnalyzer-BigData, ensure you have an FTP server that the FortiAnalyzer-BigData Security Event Manager Controller can access. Then put the FortiAnalyzer-BigData image on the FTP server.

Upgrade takes about 45 minutes. During the upgrade, the GUI is not available. Log collecting, LogView, and FortiView operations are also not available.

It is recommended to perform the upgrade via the GUI. The upgrade process via the CLI may fail if the SSH connection is disrupted before the Controller hosts reboot during the early upgrade stage.

See below for steps:

• To upgrade FortiAnalyzer-BigData with the GUI:

• To upgrade FortiAnalyzer-BigData with the CLI:

To upgrade FortiAnalyzer-BigData with the GUI:

1. In the banner, open the Account menu and click Upgrade Firmware.

   

2. Click Upgrade to access the System Upgrade dialog box.

   

3. From the Select Source dropdown, select FTP, SFTP, HTTP, HTTPS, or Upload File.
4. Enter the source server's IP address, username, password, and file path. Leave the User Name and Password fields empty if they are not applicable.
5. Click Upgrade.

   The system begins to prepare for the upgrade.

   

   After the system finishes preparing, it loads a new page where you can see the current status and check the upgrade progress.

   

   

   The upgrade takes about 45 minutes. If the upgrade is successful, you see the following message.

   

6. Click here to return to the FortiAnalyzer-BigData portal.

   If the upgrade fails, you see the following message:

   

   To troubleshoot the problem, see What to do if an upgrade fails.

To upgrade FortiAnalyzer-BigData with the CLI:

You can also upgrade your FortiAnalyzer-BigData using the fazbdctl CLI command on the Security Event Manager Controller.

1. Access the Security Event Manager Controller CLI by establishing an SSH connection to the Cluster Management IP. See To connect to the Security Event Manager Controller:.

   Starting the upgrade process from the Main Host instead of the Security Event Manager Controller may result in upgrade failure. If this failure occurs, you must start again with a forced upgrade from the Security Event Manager Controller via SSH connection. Use the -f option to perform the forced upgrade. There is no forced upgrade option via the GUI.

2. Run the following command:

   fazbdctl upgrade cluster -U <ftp_path> -u <user> -p <password>

   Or, interactively,

   fazbdctl upgrade cluster

3. Follow the onscreen instructions to select the source from FTP, SFTP, HTTP or HTTPS, and enter your server URL, upgrade file's zip file path, and FTP username and password.

   The system upgrades the FortiAnalyzer-BigData Main Host and then the Security Event Manager. After a few minutes, the Security Event Manager Controller reboots.

4. After the Security Event Manager Controller reboots, reconnect to it and monitor the broadcast messages for progress.
5. Wait about 45 minutes for the following message to display on the terminal.

   [100%] The system has been upgraded successfully.

   Downgrading to prior versions of FortiAnalyzer-BigData is not supported.

   When an upgrade is in progress, upgrades with the CLI will be blocked from execution with the following error message: Error: Installation Process is already in progress Lock ID: xxxxxxxxxx To force unlock the installation process, use command: fazbdadm force-unlock-install xxxxxxxxxx The force-unlock-install CLI command can be used to force release the upgrade process lock, but it should only be used when the upgrade process stops unexpectedly without releasing the process lock.