Documentation
Wazuh 4.14 Documentation - SIEM/XDR Platform Guide
Wazuh 4.14 Operations - Upgrade and Maintenance

Wazuh 4.14 Operations - Upgrade and Maintenance

This section covers the essential operational aspects of the Wazuh 4.14 platform: upgrading components, backing up critical data, and diagnosing common issues. The material targets engineers who have already deployed Wazuh and are responsible for its day-to-day maintenance.

Operational Tasks

Wazuh operations fall into three categories:

  • Upgrade - transitioning between platform versions while preserving data and configuration
  • Backup - protecting configuration, rules, decoders, and indexed data against loss
  • Troubleshooting - identifying and resolving issues with platform components

Section Contents

Upgrading Wazuh

Procedures for upgrading all Wazuh components: upgrade order (indexer, server, dashboard, agents), version compatibility matrix, pre-upgrade checks, step-by-step instructions for each component, rollback on failure, and upgrade troubleshooting.

Backup and Recovery

Backup strategies for Wazuh data: critical files and directories, backup methods (filesystem, API, indexer snapshots), restoring from backups, disaster recovery planning, and backup automation.

Troubleshooting

Diagnosing common Wazuh issues: manager startup failures, agent connectivity problems, indexer and dashboard errors, performance degradation, log file locations, debug mode, and collecting diagnostic data for support requests.

Maintenance Recommendations

For stable Wazuh operation, follow these practices:

  1. Perform upgrades during a maintenance window with a prior backup
  2. Configure automated configuration backups at least once daily
  3. Monitor component health through the Server API and Indexer API
  4. Store backups on a separate host or in object storage
  5. Document all configuration changes to simplify future troubleshooting

Related Sections

Last updated on