Upgrade Splunk Add-on for Unix and Linux version 8...

CarolinaHB · ‎12-12-2023

Hello, everyone!

Currently, I have the Splunk Add-on for Unix and Linux version 8.1.0 installed on my heavy forwarder. However, I need to upgrade it to the latest version, and I am seeking recommendations on how to carry out this process. Additionally, I would appreciate guidance on utilizing the deployment server to distribute the update to the Universal Forwarders.

God bless.

Regards

m_pham · ‎12-12-2023

If you plan on using a deployment server to update your TA or apps, then that would be the easiest route. It's a lot to cover on the deployment server if you haven't used it before, give the link below a read if you can:

https://docs.splunk.com/Documentation/Splunk/9.1.2/Updating/Deploymentserverarchitecture

Splunk also covers the deployment server part in this training: Splunk Enterprise System Administration

https://www.splunk.com/en_us/pdfs/training/splunk-enterprise-system-administration-course-descriptio...

https://www.splunk.com/en_us/training/course-catalog.html?filters=filterGroup2SplunkEnterpriseCertif...

The gist of a deployment server is:

Your non-distributed Splunk instances check into your deployment server (DS) to retrieve any apps you want to deploy. The TAs/apps are all on your DS (etc/deployment-apps) and you manage what app your Splunk instances get with the DS serverclass.conf.

Upgrade Splunk Add-on for Unix and Linux version 8.1.0 to version current

administration

configuration

upgrade

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL

Buttercup Games: Further Dashboarding Techniques (Part 5)

Customers Increasingly Choose Splunk for Observability