Deployment Architecture
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Upgrade all universal forwarders using deployment servers. Is it possible as of 6.0.2?

gozulin
Communicator
‎04-08-2014 03:46 PM

we're having problems with a splunk bug (SPL-78457) and we need to upgrade our 128+ universal forwarders (linux+solaris) to version 6.0.2.

Can we do this using the deployment server? I really hope so!

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

martin_mueller
SplunkTrust
SplunkTrust
‎04-09-2014 01:28 AM

Yeah... upgrading forwarders using Deployment Server isn't possible. All it does is roll out apps with Splunk configuration in them.

View solution in original post

Reply
Solved! Jump to solution

christianvalin
Explorer
‎02-07-2017 04:19 AM

This lack of functionality seems like silliness... what if we created an app that ran a script or batch file (whatever matches the client) which in effect does:
a) retrieves a new pkg or msi to the client from wherever you host the new UF version if the local (client version does not match what is on the hosted location) - ok maybe even check the package download/copy for accuracy (using hash)
b) stop the UF locally (on the client)
c) runs the new pkg or msi (which by default the UF will auto-start yes? or if no, start the local UF).
d) exits gracefully.

so this would be an experiment but I bet someone has come up with this already (anyone have a working example?)

0 Karma
Reply
Solved! Jump to solution

martin_mueller
SplunkTrust
SplunkTrust
‎02-07-2017 06:54 AM

If you run that yourself it works, but if you let splunk invoke that as a scripted input the scripted input will terminate when splunk terminates.

0 Karma
Reply
Solved! Jump to solution

martin_mueller
SplunkTrust
SplunkTrust
‎02-07-2017 06:19 AM

Give it a go yourself. Save a foo.bat file in etc/system/bin and enable that as a scripted input. Put this into the file:

path\to\splunk\bin\splunk stop
path\to\splunk\bin\splunk start

Same approach but different slashes for 'nix. You'll see your Splunk stopped, but not started.

0 Karma
Reply
Solved! Jump to solution

christianvalin
Explorer
‎02-07-2017 06:41 AM

Works for me if I invoke it with cmd.exe batchfilename.bat or Linux-esque 'myrefresh.sh &'

0 Karma
Reply
Solved! Jump to solution

christianvalin
Explorer
‎02-07-2017 05:09 AM

Point b would not stop the script; the script or batch file runs independently - it is an invoked process. What it is - a little wasteful because each time the client checks in, it would invoke the script. But then again, do clients need to check in every five minutes? In most environments, probably not and every so many hours may suffice. Just saying.

0 Karma
Reply
Solved! Jump to solution

martin_mueller
SplunkTrust
SplunkTrust
‎02-07-2017 05:00 AM

Point b would stop your script.

0 Karma
Reply
Solved! Jump to solution
Solution

martin_mueller
SplunkTrust
SplunkTrust
‎04-09-2014 01:28 AM

Yeah... upgrading forwarders using Deployment Server isn't possible. All it does is roll out apps with Splunk configuration in them.

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

Hello Splunkers,  We’re excited to kick off a Splunk Dashboard contest! We know that dashboards are a primary ...

May 2026 Splunk Expert Sessions: Security & Observability

Level Up Your Operations: May 2026 Splunk Expert Sessions Whether you are refining your security posture or ...