Hello Splunkers,
My Infrastructure team is going to patch all the servers where Splunk is currently installed. Are there any steps which i need to take to perform this activity.
Crossing your fingers might be a good precaution.
On a more serious note: without any further details, this is impossible to comment on. What OS, what is involved in the patching (e.g. are they going to reboot, or trigger splunk to restart), what does your splunk architecture look like, what availability requirements do you have...etc. etc.?
Right now i have details of OS level patching to remove the vulnerability of existing systems. Do we have any maintenance procedure of such activities ?
There is no generic Splunk maintenance procedure for OS level patching, as the approach will highly depend on all the things I mentioned in my previous comment (and more).