Roll back firmware through the REST API

The ExtraHop REST API enables you to roll back firmware on the ExtraHop system to a previous version. In this topic, we show methods for rolling back firmware on a single system through the ExtraHop REST API Explorer and rolling back firmware on multiple systems with a Python script.

If you have upgraded both a Command appliance and connected Discover appliances (sensors), you must roll back the sensors before you roll back the Command appliance.

Warning:Rolling back the firmware on an appliance resets the datastore and removes all metrics. Connected appliances are unaffected.
Important:Rollback is not supported for Explore or Trace appliances. If you need to roll back Explore or Trace appliances, contact ExtraHop Support for assistance.

Roll back firmware through the REST API Explorer

Important:The REST API Explorer is not available on Reveal(x) 360.
  1. In a browser, navigate to the REST API Explorer.
    The URL is the hostname or IP address of your ExtraHop system, followed by /api/v1/explore/. For example, if your hostname is seattle-eda, the URL is https://seattle-eda/api/v1/explore/.
  2. Click Enter API Key and then paste or type your API key into the API Key field.
  3. Click Authorize and then click Close.
  4. View the previous version of firmware you can roll back to.
    1. Click ExtraHop and then click GET /extrahop​/firmware​/previous.
    2. Click Try it out.
    3. Click Send Request.
      The Server response section displays the following information:

      version: The previous firmware version that the system can be rolled back to.

      backup_time: The last time that the ExtraHop system generated a backup file before being upgraded to the current version, expressed in milliseconds since the epoch. The ExtraHop system automatically creates a backup each time the system is upgraded.

      The information appears in a format similar to the following text:

      {
        "version": "8.4.0.1522",
        "backup_time": 1617229294388
      }

  5. Roll back the firmware version.
    1. Click POST ​/extrahop​/firmware​/previous​/rollback.
    2. Click Try it out.
    3. Click Send Request.
      The Server response section displays a 202 status code.
      Note:The rollback process might take several minutes to complete.
  6. Verify the firmware upgrade is complete.
    1. Click GET ​/extrahop.
    2. Click Try it out.
    3. Click Send Request.
      If the firmware rollback process is complete, the Server response section displays a 200 status code and the version of firmware the ExtraHop system is currently running.

      If the firmware rollback process is still in progress, the Server response section displays a 503 error code.

Retrieve and run the example Python script

The ExtraHop GitHub repository contains an example Python script that rolls back firmware for multiple ExtraHop systems by reading URLs and API keys from a CSV file.

Important:The example python script authenticates to the ExtraHop system through an API key, which is not compatible with the Reveal(x) 360 REST API. To run this script with Reveal(x) 360, you must modify the script to authenticate with API tokens. See the py_rx360_auth.py script in the ExtraHop GitHub repository for an example of how to authenticate with API tokens.
  1. Go to the ExtraHop code-examples GitHub repository and download the rollback_firmware/rollback_firmware.py file to your local machine.
  2. Create a CSV file with rows that contain the following columns in the specified order:
    System hostname API key
    Tip:The rollback_firmware directory contains an example CSV file named systems.csv.
  3. In a text editor, open the upgrade_system.py file and replace the following configuration variables with information from your environment:

    SYSTEM_LIST: The relative file path of the CSV file.

  4. Run the following command:
    python3 rollback_firmware.py

    The script returns the version that each ExtraHop system can be rolled back to.

    Note:If the script returns an error message that the SSL certificate verification failed, make sure that a trusted certificate has been added to your ExtraHop system. Alternatively, you can add the verify=False option to bypass certificate verification. However, this method is not secure and not recommended. The following code sends an HTTP GET request without certificate verification:
    requests.get(url, headers=headers, verify=False)
  5. To start the rollback process, type y and press ENTER.
Last modified 2023-11-07