Alma Linux Update for MDR customers with AWS Deployments

CentOS has announced the end of life for their version 6 and 8 operating systems. This means CentOS will no longer provide security patches, vulnerabilities, or bug fixes for these operating systems. As a result, Alert Logic is helping customers update all Alert Logic appliances running on out-of-date operating systems.

Update your appliance to Alma Linux using the documentation below.

As we transition all customers to Alma Linux, Alert Logic will continue to maintain necessary security updates for virtual CentOS versions 6 and 8 for a limited period, to ensure all customers remain secure. This support is valid until the following dates depending on the appliance type:

  • Virtual IDS to January 31, 2023
  • Virtual Log Manager to June 30, 2023

How to update for MDR customers with automatic AWS deployments

  1. Install a new appliance for every appliance you have in each VPC. See Amazon Web Services (AWS) Deployment Configuration—Automatic Mode (Essentials Subscription).
  2. Check the health of your agents and appliances on the Health page in the Alert Logic console. See Health.

    It can take up to 60 minutes for the appliance to claim.

  3. Terminate the existing appliance. For more information, see Remove existing IDS and scanning appliances.

How to update for MDR customers with manual AWS deployments

  1. Install a new appliance for every IDS and scan appliance you have in each VPC. For more information, see Deploy IDS appliances and scanning appliances.

    If you are an Essentials customer, you only need to Amazon Web Services (AWS) Deployment Configuration—Manual Mode (Professional Subscription) and remove existing ones.

  2. Check the health of your agents and appliances on the Health page in the Alert Logic console. See Health.

    It can take up to 60 minutes for the appliance to claim.

  3. Terminate the existing appliance. For more information, see Remove existing IDS and scanning appliances.

Remove existing IDS and scanning appliances

You must terminate the existing IDS and scanning appliances. If you have a previous IDS or scanning appliance that you created with an older CloudFormation template, then you must remove the old CloudFormation template. If you cannot find the old CloudFormation template, then you can remove the components: auto-scaling group (ASG), launch configuration, and security groups (SG).

  1. For more instructions on how to remove an CloudFormation Template, see Deleting a stack on the AWS CloudFormation console.
  2. After the old appliance is terminated, verify that the Alert Logic agents are sending data to the new appliance. To verify in the Alert Logic console:
    1. Browse to the Health page, click Healthy, and then in the drop-down filter, choose Agents.
    2. On the left-panel, click on the relevant deployment(s).
    3. Verify that you see traffic in the last 24 hours for your agents. Data can take up to 60 minutes to be reflected in the Alert Logic console after installing the new appliance.

How to update other products

If you do not have MDR or AWS deployments, refer to the links below for specific instructions depending on your subscription and services: