Splunk upgrade deployment server

menonmanish · ‎03-10-2016

During Splunk upgrade (5.0.5 to 6.2.5) of our indexers, search head, deployment server we have noticed that all the deployment apps get refreshed in all the deployment clients and a lot of the universal forwarders do not restart and we have to manually restart it. Note: We are not upgrading the universal forwarders. Is there a way to prevent this from happening. During the upgrade, i don't think any change should happen to the serverclass and/or the deployment apps for the clients to get refreshed.

vasildavid · ‎03-10-2016

I believe the serverclasses are refreshed when the deployment server is restarted. One way you could avoid the agent restart is to check in your serverclass.conf and remove/comment out any instances of restartSplunkd = true.

somesoni2 · ‎03-10-2016

My guess would be that version upgrade on Deployment Servers is causing the bundle checksum (a handler deployment clients use to check if there is updated apps are available in deployment server) to get changed and all deployment clients are downloading apps with updated checksum.

menonmanish · ‎03-11-2016

That seems to be the case, but any idea if its a known issue?

Splunk upgrade deployment server

Re: Splunk upgrade deployment server

Re: Splunk upgrade deployment server

Re: Splunk upgrade deployment server