Getting Data In

What are the steps for a Splunk SH Migration from Cent OS to REDHAT from one VM to another VM?

kiranhar
Explorer

Team,

I need your assistance with the below task.

I need to migrate Splunk sh-2 (Non ES instance) from Cent OS to REDHAT from one VM to another VM.

I would appreciate it if you can provide step by step guide for this migration.

Note: We need to maintain the same IP address / Host Name of the existing VM ( Splunk Server).

Labels (1)
0 Karma
1 Solution

gcusello
SplunkTrust
SplunkTrust

Hi @kiranhar,

ok, so the path is the one I described in my previous post.

tell me if I can help you more, otherwise, please accept one answer for the other people of Community.

Ciao.

Giuseppe

P.S.: Karma Points are appreciated 😉

View solution in original post

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @kiranhar,

folow these steps:

  • stop Splunk on the old SH,
  • tar all the /opt/splunk folder
  • copy the tar file in another system,
  • stop the old VM,
  • run the new VM,
  • copy the tar file on the new VM,
  • create the splunk user splunk group,
  • untar the tar file,
  • run Splunk,
  • run the command to automaticall start Splunk at boot (/opt/splunk/bin/splunk enable boot-start).

It's different is you have a different IP or hostname.

Ciao.

Giuseppe

0 Karma

kiranhar
Explorer

Hi Thanks for your response.

We wanted to keep the old setup until we migrate Splunk to the new VM. So, we have a new VM with new IP and new Hostname, later will change the IP and Host Name on the new Server as old one. Please advise on the steps for this scenario.

 

Awaiting your response.

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @kiranhar,

if you want to migrate to another VM with different hostname and IP, you have to follow the same procedure, but, before restart the new VM, you have to manually modify the following conf files:

  • $SPLUNK_HOME/etc/system/local/server.conf
  • $SPLUNK_HOME/etc/system/local/inputs.conf

replacing the old hostname with the new one.

Ciao.

Giuseppe

0 Karma

kiranhar
Explorer

Hi,

Thanks for your respons. No, it is the same IP and Host to maintain on the new VM.

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @kiranhar,

ok, so the path is the one I described in my previous post.

tell me if I can help you more, otherwise, please accept one answer for the other people of Community.

Ciao.

Giuseppe

P.S.: Karma Points are appreciated 😉

0 Karma

Arun
Observer

Hello @gcusello ,

 

I've followed the same method of migration as you reffered here. But when the entire setup is migrated from CentOS to RHEL. From backend all looks working fine but just the web UI does not comes up.

I tried doing multiple things but now luck.

- inputs and server. Conf has the same host name as of servers

- port 800 never comes up to listening state. Other ports are working as expected like 8089.8088 etc

-tired untaring the splunk package file on the new server as with the same version but no luck.

The web log and splunk.log  files under opt/splunk/var/log/splunk directory also does not speak anything about the issue

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @Arun,

at first, I hint to open a different question, instead using an already closed one, this is better to you to have more answers.

Anyway, did you disabled local firewall (firewalld) on Red Hat?

I didn't experience the issues you describe, check the local firewall and the grants on the user you're using.

Ciao.

Giuseppe

0 Karma

kiranhar
Explorer

Thanks. Also, please advise, on how to create a Splunk user and Splunk group on the new Linux Server (Redhat). Please provide the steps.

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @kiranhar,

good for you, see next time!

Ciao and happy splunking

Giuseppe

P.S.: Karma Points are appreciated 😉

0 Karma

gcusello
SplunkTrust
SplunkTrust

Hi @kiranhar,

I'm sorry but I'm a little rusty on Linux, anyway, you can find this on Google:

https://linuxize.com/post/how-to-add-user-to-group-in-linux/

or something else.

Ciao.

Giuseppe

0 Karma
Get Updates on the Splunk Community!

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

The Splunk Community Dashboard Challenge is underway! This is your chance to showcase your skills in creating ...

.conf24 | Session Scheduler is Live!!

.conf24 is happening June 11 - 14 in Las Vegas, and we are thrilled to announce that the conference catalog ...

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...