- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- How to upgrade Splunk 6.5 to a 7.3 version running...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How to upgrade Splunk 6.5 to a 7.3 version running on Amazon AMI Linux ?
We have 8 servers all in Amazon AMI Linux. kinldy assist me how to proceed and what is the serial order to start.
3 search head
2 Indexer
1 heavy forwarder
1 deployment server/Licence
1 Deployed
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for your knowledge, it helped be prioritize according to the instances.
kinldy guide me if I need new server or I could upgrade on the same server. we are using AWS linux server.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No need to change the server. If the specs were for 6.5, you'll be fine now with 7.3
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Tiagofbmm,
Thanks for sharing knowledge !
we do have Cluster master. one more information i require:- our Splunk Enterprise is configured in Amazon AMI linux. do we require new server to upgrade, or on the running server we can download the file and install the upgraded version 7.3.
Note :- Currently we have upgraded Checkpoint firewall, it required new server to upgrade. on old running server upgradation is not supported.
can you please help me out to know that on the current server is ok to upgrade or need new server with different configuration to run Splunk Service.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don't see any issue in maintaining AMI as OS for Splunk, I have seen it myself very recently in customers of mine.
Please upvote and accept the answer if you are happy with it
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yes i agree. Thanks.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Don't you have a Cluster Master too?
The order should be:
1 - License
2 - Cluster Master
3 - Deployer - Upgrade it but keep it shutdown until you upgrade your Search Heads, so they don't contact a Deployer in a different version
4 - Search Heads
5 - Indexers
6 - Heavy Forwarders
If you have a multi-site indexers cluster and you're not willing to shutdown all sites to do the upgrade in all of them at once, for it to be a Splunk Supported upgrade you need to have intermediate upgrades at 7.0, 7.1, 7.2 and finally 7.3. If you can shut all indexers down, then it would be a straight upgrade to 7.3
More Control Over Your Monitoring Costs with Archived Metrics!
New in Observability Cloud - Explicit Bucket Histograms
Updated Team Landing Page in Splunk Observability
