Updating OSSEC is as easy as it can get. Just download the latest package and follow the installation instructions as usual. It will detect that you already have it installed and ask:
- You already have OSSEC installed. Do you want to update it? (y/n): y
Just answer yes
to this question and the script will update the OSSEC binaries.
local_rules.xml
and local_decoder.xml
will not be modified during this upgrade.
The script will also prompt for an answer to the following question:
- Do you want to update the rules? (y/n): y
Answering yes
to this question updates the <rules>
section of the system’s ossec.conf.