When you update Endpoint Detection and Response (EDR) to a new version, the upgrade seems to hang.
Endpoint Detection and Response (either virtual machine or appliance), formerly known as Advanced Threat Protection (ATP) Platform
Run the following command, at the command line interface (CLI), to check the status of the update:
If the update failed, clear the failed update, and manually download and install the update.
To clean up and download the update:
If the update download fails or does not complete in a reasonable time, you can dump the packets from the network interface to help determine why the download is slow or stopped. A 15-minute packet dump should provide sufficient data. You can use the following command to create the packet dump:
tcpdump -s 0 -q -C 20 -w eth0.pcap -i eth0 -Z root
After about 15 minutes, press CTRL+C to stop the packet capture. The packet capture file appears in the directory from which you ran the command, and has the name "eth0.pcap".
If update install is hung or failed, run the following command, as the Support account, to verify that the update processes are running:
ps -elf | grep update | grep -v grep
If there are no update processes running, run the following command, and then restart the package installation: