Hi Team,
Here is our scenario:
We needed to update the pass4SymmKey for the License Master and License Slaves.
We will update the parameter "pass4SymmKey" in the [general] stanza of the server.conf.
However,we have a complex Splunk environment.
The Splunk servers (License Master/Slaves) needed for this update are consists of ff:
Clustered Indexers
Clustered Search Heads
Non-Clustered Search Heads
Deployment Server
Deployer
Cluster Master
Heavy Forwarders
Can you help us sort out the steps needed to update parameter "pass4SymmKey" in the [general] stanza of the server.conf?
Currently, we have the steps below:
LICENSE MASTER
1. In License Master, use btool to locate the server.conf with [general] stanza
What tier should we implement the update next?
Also, for Clustered Indexers and Clustered Search Heads tier, is it okay to update and simply restart splunk? Or do we need to do some maintenance mode or rolling restart instead?
I hope you can help us. Thanks.
Perform steps 2 - 6 on the License Master, Cluster Master, and all Cluster Peers (Indexers.) The CM and LM should get a regular service restart, and the CP's can receive a rolling-restart if the pass4SymKey update is finished on all of them.
Once communications are re-established, verify CP connectivity on the LM. The various peers would appear under your license pool(s). If you need to, re-license the Cluster Peers: e.g. use the CLI command ./splunk edit licenser-localslave -master_uri 'https://my_lic_master:8089'
and verify CP connectivity on the LM.
After that, move on to performing steps 2 - 6 on the standalone SH, DS, and HF nodes.
For the final SHC and Deployer portion, I liked the post "How to set a new pass4SymmKey password on a search head cluster deployer"