Skip to content

HOWTO patch kibana for security reason

Why do that

New CVE discover - Elastic security

Prerequisites

  • Access to administration device
  • Synchronize your configuration (git pull)

What to do

Check the compatibility on preproduction environment

If you have a preproduction environment, follow the next steps. If not, PunchPlatform provides a small evaluation package to reproduce your production environment called standalone.

  • get the standalone with the PunchPlatform production version. Check the documentation directly on the platform to get the version.
  • install the standalone and inject logs following the getting started procedure
  • stop kibana (punchplatform-kibana.sh --stop)
  • remove the current version of kibana in external directory
  • download the last version compatible version of kibana related to your platform.
  • start kibana (punchplatform-kibana.sh --start)
  • check the correct functionning.

Deploy the new kibana

Download the new kibana

Download the last compatible version of kibana and move it in the archives directory in the deployer.

Upgrade kibana in configuration

Update the punchplatform-deployment.settings before have synchronize the configuration with:

1
"kibana_version" : "kibana-4.6.5-linux-x86_64",

Deploy the new version

1
$ punchplatform-deployer.sh deploy -Kk -t kibana