[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eThis document guides users through a major upgrade of an existing remote agent using a Docker image within the Google SecOps SOAR environment.\u003c/p\u003e\n"],["\u003cp\u003eThe process begins by copying a Docker command from the Major Upgrade dialog and then pulling the latest Docker image to the local machine.\u003c/p\u003e\n"],["\u003cp\u003eUsers are required to interact with the current running agent container by stopping it, renaming it as a backup, and extracting environment variables, which are modified and placed in a temp file.\u003c/p\u003e\n"],["\u003cp\u003eAfter running the new agent image, the original environment variables are copied back to the new container, followed by restarting the agent service to apply these variables.\u003c/p\u003e\n"],["\u003cp\u003eThe process requires the user to gather the agent container ID, as well as the new agent container ID to apply changes, and requires the use of specific commands via the docker CLI.\u003c/p\u003e\n"]]],[],null,["# Perform a major upgrade of a Docker image\n=========================================\n\nSupported in: \nGoogle secops [SOAR](/chronicle/docs/secops/google-secops-soar-toc) \nThis document explains how to perform a major upgrade for an existing remote\nagent using the Docker image.\n\nThis procedure assumes that you have selected the remote agent upgrade option\nand are looking at the **Major Upgrade** dialog.\n\n1. Copy the Docker command that is displayed in the **Major Upgrade** dialog and paste it into the code here as a placeholder for later on. \n\n ```bash\n DOCKER_COMMAND\n ```\n2. List the current running Docker containers. \n\n ```bash\n docker ps\n ```\n3. Enter your agent's container ID. \n\n ```bash\n CONTAINER_ID\n ```\n4. Enter your agent's container name. \n\n ```bash\n AGENT_NAME\n ```\n .\n5. Pull the latest Docker image to your machine using the following command. You can change the `latest` tag to a specific version such as 1.4.8.3. \n\n ```bash\n docker pull us-docker.pkg.dev/siem-ar-public/images/agent:latest\n ```\n6. Copy the modified environment variables to a local temporary file. \n\n ```bash\n docker exec CONTAINER_ID cat /home/siemplify_agent/.bash_profile \u003e temp_bash_profile.txt\n ```\n7. Stop the agent's Docker container. \n\n ```bash\n docker stop CONTAINER_ID\n ```\n8. Rename the container in order to have it as a backup. \n\n ```bash\n docker rename AGENT_NAME AGENT_NAME_backup\n ```\n9. Run the new agent image. If you changed the `latest` tag in step 5, change it here as well. \n\n ```bash\n DOCKER_COMMAND\n ```\n10. List running Docker containers. \n\n ```bash\n docker ps\n ```\n11. Enter your agent's new container ID: \n\n ```bash\n NEW_CONTAINER_ID\n ```\n12. Copy the original contents of `.bash_profile` to the new container. \n\n ```bash\n cat temp_bash_profile.txt | docker exec -i \n NEW_CONTAINER_ID sh -c 'cat \u003e /home/siemplify_agent/.bash_profile'\n ```\n13. Restart the agent service to apply the modified environment variables. \n\n ```bash\n docker exec NEW_CONTAINER_ID supervisorctl restart all\n ```\n\n**Need more help?** [Get answers from Community members and Google SecOps professionals.](https://security.googlecloudcommunity.com/google-security-operations-2)"]]
