Limited supportBMC provides limited support for this version of the product. As a result, BMC no longer accepts comments in this space. If you encounter problems with the product version or the space, contact BMC Support.BMC recommends upgrading to the latest version of the product. To see documentation for that version, see BMC AMI Command Center for Security 6.2.

Upgrading

This topic provides information about upgrading the BMC AMI Command Center for Security product (generally known as BMC Defender Server).

If you do not have version 6.1.00 of the product installed on your computer, see Installing the latest version.

If you have version 6.1.00 installed, you can apply a patch or a small programming enhancement (SPE), which is a periodic update that includes all previous SPE enhancements and patches. (To see the full list of patches and SPEs, see Notices.) For more information, see Applying a patch or Applying an SPE.

Before you begin

Perform the following steps before upgrading to a new patch or SPE:

  • Make sure that you have access to the BMC Electronic Product Download website. Your ability to access product pages on the EPD website depends on the license entitlements purchased by your company.

  • From the Windows Start menu, select BMC Defender > Start And Stop Services, and click Stop.
    The following services are stopped:
    • BMC Defender Apache
    • CorreLog Framework
    • CorreLog Syslog Message Service

Important

If you are upgrading in a high-availability deployment environment, update one server at a time.

Installing the latest version

Run a full installation of version 6.1.00 of the product to completely replace a previous version with the latest defaults.

The installation utility replaces all system executables and the existing configuration files with the new default settings, including the following items:

  • Dashboard and thread customizations
  • Customized HTML templates, such as for headers and footers (found in the installationDirectory\s-html directory)
    Replace installationDirectory with the directory in which you installed the product. The default directory is C:\Program Files\BMC Software\BMC Defender.
  • Log data


Important

Do not try to install a second instance where one is already installed. If a product instance is running, the full installation process automatically tries to install it at the existing installation path. If you change the installation directory, the utility overwrites some system references and the product does not perform as expected. Only one set of processes can run at a time.

To run a full installation, download and run the relevant self-extracting file from the EPD website:

  • BMC AMI Command Center for Security Version 

    6.1.00

     (the downloaded file name is BMC-AMI-Command-Center-for-Security-

    6.1.00

    .bbbb.exe)

  • BMC Defender SIEM Correlation Server Version 

    6.1.00

     (the downloaded file name is BMC-Defender-SIEM-Correlation-Server-

    6.1.00

    .bbbb.exe)

For more information about a full installation, see Installing-BMC-Defender-Server.

Tip

For testing purposes, you can have multiple versions on your system, but only one product instance can run at a time.

For example, if you have version 5.9.02 installed and you want to test version 6.1.00, perform the following steps:

  1. Uninstall version 5.9.02 and keep the files.
    For information about uninstalling, see Uninstalling-BMC-Defender-Server-and-BMC-Defender-Agent-for-Windows.
  2. Install version 6.1.00 in a different directory.
  3. To return to version 5.9.02, uninstall version 6.1.00 (keep the files) and reinstall version 5.9.02 from the existing installationDirectory\system\co-install.exe file.

Applying a patch

To apply a patch, download and extract the relevant ZIP files into the the current installation files. Locate patches under the product's Patches tab on the EPD website. Each patch has instructions for applying it.

Applying an SPE

To install an SPE, your system must be running 6.1.00 of the product. You can install one SPE without having installed earlier SPEs.

We issue two types of SPE: a standard SPE and an original equipment manufacturer (OEM) SPE.

A standard SPE replaces all system executables and customizable items, including customized HTML templates, such as for headings and footers, with default content. A standard SPE does not change existing system configurations, dashboards, threads, alerts, and reports.

An OEM SPE updates only system executables, but not existing system configurations, dashboards, threads, alerts, reports, and HMTL templates.

To apply a standard SPE

  1. To save customized HTML templates, create a backup copy of the installationDirectory\s-html directory.

  2. Download and run the relevant self-extracting file from the EPD website:

    • BMC AMI Command Center for Security Version 

      6.1.00

       - SPEyymm (the downloaded file name is BMC-AMI-Command-Center-

      6.1.00

      -SPEyymm.bbbb.exe)

    • BMC Defender SIEM Correlation Server Version 

      6.1.00

       - SPEyymm (the downloaded file name is BMC-Defender-SIEM-

      6.1.00

      -SPEyymm.bbbb.exe)

    The yymm placeholder represents the year and month of the release.
    The bbbb placeholder represents the build number of the release.

  3. In the web interface, load the templates as follows:
    1. Navigate to Correlation > Config > Templates.
    2. Select Load From and click Start.
    3. Select the ZOS_Dashboard_Upgrade template and click Next.
    4. Select how you want to handle merging the template with your current configuration:
      • Merge—Adds template items that do not exist in the configuration, but does not modify existing items
      • Merge-And-Replace—Adds template items that do not exist in the current configuration and replaces existing items of the same name, but does not modify other items
      • Replace—Replaces the entire configuration with the specified template items.

After incorporating the new configuration items, you can use the dashboards, threads, and other items.

The templates are located in the installationDirectory\config\$templ directory. Replace installationDirectory with the directory in which you installed the product. The default directory is C:\Program Files\BMC Software\BMC Defender.

For complex systems, you can review and compare the template configuration files and choose individual changes to include in your system.

To apply an OEM SPE

An OEM SPE updates only system executables, but not existing system configurations, dashboards, threads, alerts, reports, and HMTL templates.

  1. Download and run the relevant self-extracting file from the EPD website:

    • (SPE2110) BMC AMI Command Center for Security 

      6.1.00

      OEM SPEyymm (the downloaded file name is BMC-AMI-CC-OEM-

      6.1.00

      -SPEyymm.bbbb.exe)

    • BMC Defender SIEM Correlation Server Version 

      6.1.00

       OEM SPEyymm (the downloaded file name is BMC-Defender-SIEM-OEM-

      6.1.00

      -SPEyymm.bbbb.exe)

    The yymm placeholder represents the year and month of the release.
    The bbbb placeholder represents the build number of the release.

  2. In the web interface, load the templates as follows:
    1. Navigate to Correlation > Config > Templates.
    2. Select Load From and click Start.
    3. Select the ZOS_Dashboard_Upgrade template and click Next.
    4. Select how you want to handle merging the template with your current configuration:
      • Merge—Adds template items that do not exist in the configuration, but does not modify existing items
      • Merge-And-Replace—Adds template items that do not exist in the current configuration and replaces existing items of the same name, but does not modify other items
      • Replace—Replaces the entire configuration with the specified template items.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*