Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Timestamp Issue Impacting Splunk Products

sushainmagotra
Loves-to-Learn Lots
‎11-28-2019 08:25 AM

Hello,
We are using Splunk Enterprise version 7.2.3. We do not use two digit time stamp, we use Linux style time stamps. These will work also after January 1st 2020 right?. But if I got it right, they will not work after Sep. 13 2020.
So, we are planning to eventually upgrade Splunk. But as of now the minor upgrade with patched file for 7.2 versions is 7.2.9 which is not released yet. When will this upgrade be released ? or Do we need to upgrade to version 7.3 first and then its minor upgrade 7.3.3?

Please let me know. Waiting for a reply.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎11-28-2019 06:14 PM

If you do not use any date strings in your inputs then you should be fine on 1 Jan 20, but it's a good idea to update the datetime.xml file anyway.
Yes, you will need to upgrade before 13 Sep 20. Release dates for patched versions have not been announced, yet. You should, however, be able to upgrade directly from 7.2.3 to 7.3.3.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎11-28-2019 06:14 PM

If you do not use any date strings in your inputs then you should be fine on 1 Jan 20, but it's a good idea to update the datetime.xml file anyway.
Yes, you will need to upgrade before 13 Sep 20. Release dates for patched versions have not been announced, yet. You should, however, be able to upgrade directly from 7.2.3 to 7.3.3.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Solved! Jump to solution

highsplunker
Contributor
‎12-01-2019 12:37 PM

Hello Rich!

Could you please explain a little bit. I'm not sure I understand. I heard the issue was important.
An example if possible.

Thank you in advance!

Best regards

0 Karma
Reply
Solved! Jump to solution

richgalloway
SplunkTrust
SplunkTrust
‎12-02-2019 03:30 AM

What part of the answer do you not understand? Why did you accept an answer you don't understand?
Yes, the issue is important. Those who use two-digit years need to patch their systems before 1 Jan 20; the rest of us need to patch them before 13 Sep 20.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

The OpenTelemetry Certified Associate (OTCA) Exam

What’s this OTCA exam? The Linux Foundation offers the OpenTelemetry Certified Associate (OTCA) credential to ...

From Manual to Agentic: Level Up Your SOC at Cisco Live

Welcome to the Era of the Agentic SOC   Are you tired of being a manual alert responder? The security ...

Splunk Classroom Chronicles: Training Tales and Testimonials (Episode 4)

Welcome back to Splunk Classroom Chronicles, our ongoing series where we shine a light on what really happens ...