Skip to content

Upgrading Sophos Linux Sensor

Overview

This article addresses how you can upgrade the Sophos Linux Sensor (SLS). We will walk users through the step by step instructions for upgrading SLS packages on your Linux system using the systemd package manager as an example.

Please note that this document assumes that you already have SLS installed and running. If you haven't done that before, please visit this page.

To upgrade SLS on Ubuntu and CentOS/RHEL/Amazon, do the following:

Upgrading SLS on Ubuntu

Follow the below steps to upgrade SLS running on your Linux system:

  1. Search to see the SLS package running on your Linux system using the following command:

    apt list --installed | grep capsule8
    

    Sample Output:

    capsule8-sensor-systemd/xenial,now 4.9.0 amd64 [installed,upgradable to: 4.10.1]
    
  2. To upgrade to a specific sensor version, run the following command:

    $ apt-get install capsule8-sensor-systemd=4.10.1   #
    

    This will upgrade the sensor using systemd as package manager. You can upgrade to any version of SLS just by specifying the version to which you want to upgrade.

    Sample output:

    Reading package lists... Done
    Building dependency tree 
    Reading state information... Done
    The following packages will be upgraded:
    capsule8-sensor-systemd
    1 upgraded, 0 newly installed, 0 to remove and 138 not upgraded.
    Need to get 31.2 MB of archives.
    After this operation, 1153 kB of additional disk space will be used.
    Get:1 <a href="https://packagecloud.io/capsule8/capsule8/ubuntu" rel="nofollow">https://packagecloud.io/capsule8/capsule8/ubuntu</a> xenial/main amd64 capsule8-sensor-systemd amd64 4.5.2 [33.2 MB]
    Fetched 31.2 MB in 2s (12.5 MB/s) 
    (Reading database ... 63226 files and directories currently installed.)
    Preparing to unpack .../capsule8-sensor-systemd_4.10.1_amd64.deb ...
    Unpacking capsule8-sensor-systemd (4.10.1) over (4.9.0) ...
    Setting up capsule8-sensor-systemd (4.10.1) ...
    Capsule8 Security & Analytics Agent version 4.10.1-03590ed64b (Build: 44f28b07-1f0b-42ab-99bf-d8b4190984e7)
    2022-03-03T17:05:09.778Z INFO Successfully set capabilities. 
    
  3. Confirm the upgrade was successful.

    apt list --installed | grep capsule8
    

    Sample Output:

    capsule8-sensor-systemd/focal,now 4.10.1 amd64 [installed] 
    

    You can see from the output that SLS has been successfully upgraded to 4.10.1

Alternative SLS Upgrade

You can also upgrade to the latest sensor by installing the desired SLS package with your package manager. The package is installed with the name Capsule8 Sensor and with the service manager as a hyphenated suffix, such as:

  • sysV
  • syst
  • upst
  • runit

Here's an example:

$ sudo apt-get install capsule8-sensor-systemd

This automatically installs the latest version

Upgrading SLS on RHEL/CentOS/Amazon

To upgrade the SLS running on your Linux system, do the following:

  1. Search to see the SLS package running on your Linux system using the following command:

    yum list installed | grep capsule8
    rpm -qa | grep capsule8
    

    Sample output:

    capsule8-sensor-systemd-4.9.0-1
    

    This shows the SLS version running on this host.

  2. Run the command below to upgrade to a specific SLS version.

    $ sudo yum install capsule8-sensor-systemd-4.10.1
    

    This upgrades SLS using systemd as package manager. You can upgrade to any version of SLS just by specifying the version to which you want to upgrade.

    Sample output:

    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
    epel/x86_64/metalink                                                                                                                                       |  14 kB  00:00:00
    * base: mirrors.greenmountainaccess.net
    * epel: epel.mirror.constant.com
    * extras: mirrors.mit.edu
    * updates: mirror.vcu.edu
    base                                                                                                                                                       | 3.6 kB  00:00:00
    extras                                                                                                                                                     | 2.9 kB  00:00:00
    updates                                                                                                                                                    | 2.9 kB  00:00:00
    Resolving Dependencies
    --> Running transaction check
    ---> Package capsule8-sensor-systemd.x86_64 0:4.9.0-1 will be updated
    ---> Package capsule8-sensor-systemd.x86_64 0:4.10.1-1 will be an update
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    ==================================================================================================================================================================================
    Package                                             Arch                               Version                               Repository                                     Size
    ==================================================================================================================================================================================
    Updating:
    capsule8-sensor-systemd                             x86_64                             4.10.1-1                              capsule8_capsule8                              30 M
    
    Transaction Summary
    ==================================================================================================================================================================================
    Upgrade  1 Package
    
    Total download size: 30 M
    Is this ok [y/d/N]: y
    Downloading packages:
    capsule8-sensor-systemd-4.10.1-1.x86_64.rpm                                                                                                                |  30 MB  00:00:01
    Running transaction check
    Running transaction test
    Transaction test succeeded
    Running transaction
    Updating   : capsule8-sensor-systemd-4.10.1-1.x86_64                                                                                                                        1/2
    Capsule8 Security & Analytics Agent version 4.10.1-03590ed64b (Build: 44f28b07-1f0b-42ab-99bf-d8b4190984e7)
    2022-03-03T17:27:03.919Z    INFO    Successfully set capabilities.
    Cleanup    : capsule8-sensor-systemd-4.9.0-1.x86_64                                                                                                                         2/2
    Verifying  : capsule8-sensor-systemd-4.10.1-1.x86_64                                                                                                                        1/2
    Verifying  : capsule8-sensor-systemd-4.9.0-1.x86_64                                                                                                                         2/2
    
    Updated:
    capsule8-sensor-systemd.x86_64 0:4.10.1-1
    
    Complete!
    
    $ sudo yum install capsule8-sensor-systemd
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
    epel/x86_64/metalink                                                                                                                                       |  14 kB  00:00:00
    * base: mirrors.greenmountainaccess.net
    * epel: epel.mirror.constant.com
    * extras: mirrors.mit.edu
    * updates: mirror.vcu.edu
    base                                                                                                                                                       | 3.6 kB  00:00:00
    extras                                                                                                                                                     | 2.9 kB  00:00:00
    updates                                                                                                                                                    | 2.9 kB  00:00:00
    Resolving Dependencies
    --> Running transaction check
    ---> Package capsule8-sensor-systemd.x86_64 0:4.9.0-1 will be updated
    ---> Package capsule8-sensor-systemd.x86_64 0:4.10.1-1 will be an update
    --> Finished Dependency Resolution
    
    Dependencies Resolved
    
    ==================================================================================================================================================================================
    Package                                             Arch                               Version                               Repository                                     Size
    ==================================================================================================================================================================================
    Updating:
    capsule8-sensor-systemd                             x86_64                             4.10.1-1                              capsule8_capsule8                              30 M
    
    Transaction Summary
    ==================================================================================================================================================================================
    Upgrade  1 Package
    
    Total download size: 30 M
    Is this ok [y/d/N]: y
    Downloading packages:
    capsule8-sensor-systemd-4.10.1-1.x86_64.rpm                                                                                                                |  30 MB  00:00:01
    Running transaction check
    Running transaction test
    Transaction test succeeded
    Running transaction
    Updating   : capsule8-sensor-systemd-4.10.1-1.x86_64                                                                                                                        1/2
    Capsule8 Security & Analytics Agent version 4.10.1-03590ed64b (Build: 44f28b07-1f0b-42ab-99bf-d8b4190984e7)
    2022-03-03T17:27:03.919Z    INFO    Successfully set capabilities.
    Cleanup    : capsule8-sensor-systemd-4.9.0-1.x86_64                                                                                                                         2/2
    Verifying  : capsule8-sensor-systemd-4.10.1-1.x86_64                                                                                                                        1/2
    Verifying  : capsule8-sensor-systemd-4.9.0-1.x86_64                                                                                                                         2/2
    
    Updated:
    capsule8-sensor-systemd.x86_64 0:4.10.1-1
    
    Complete!
    
  3. Confirm the upgrade was successful.

    yum list installed | grep capsule8
    rpm -qa | grep capsule8
    

    Sample output:

    capsule8-sensor-systemd-4.10.1
    

    You can see from the above output that SLS has been successfully upgraded to 4.10.0.

Alternative SLS Upgrade

Users can upgrade the sensor by installing the desired SLS package with your package manager. The package is installed with the name SLS and with the service manager as a hyphenated suffix, such as:

  • sysV
  • systemd
  • upstart
  • runit

Here's an example:

$ sudo yum install capsule8-sensor-systemd
Back to top