Solved: What are the steps for a Splunk SH Migration from ...

kiranhar · ‎10-24-2022

Team,

I need your assistance with the below task.

I need to migrate Splunk sh-2 (Non ES instance) from Cent OS to REDHAT from one VM to another VM.

I would appreciate it if you can provide step by step guide for this migration.

Note: We need to maintain the same IP address / Host Name of the existing VM ( Splunk Server).

gcusello · ‎10-24-2022

Hi @kiranhar,

ok, so the path is the one I described in my previous post.

tell me if I can help you more, otherwise, please accept one answer for the other people of Community.

Ciao.

Giuseppe

P.S.: Karma Points are appreciated 😉

View solution in original post

gcusello · ‎10-24-2022

Hi @kiranhar,

folow these steps:

stop Splunk on the old SH,
tar all the /opt/splunk folder
copy the tar file in another system,
stop the old VM,
run the new VM,
copy the tar file on the new VM,
create the splunk user splunk group,
untar the tar file,
run Splunk,
run the command to automaticall start Splunk at boot (/opt/splunk/bin/splunk enable boot-start).

It's different is you have a different IP or hostname.

Ciao.

Giuseppe

kiranhar · ‎10-25-2022

Hi Thanks for your response.

We wanted to keep the old setup until we migrate Splunk to the new VM. So, we have a new VM with new IP and new Hostname, later will change the IP and Host Name on the new Server as old one. Please advise on the steps for this scenario.

Awaiting your response.

gcusello · ‎10-25-2022

Hi @kiranhar,

if you want to migrate to another VM with different hostname and IP, you have to follow the same procedure, but, before restart the new VM, you have to manually modify the following conf files:

$SPLUNK_HOME/etc/system/local/server.conf
$SPLUNK_HOME/etc/system/local/inputs.conf

replacing the old hostname with the new one.

Ciao.

Giuseppe

kiranhar · ‎10-24-2022

Hi,

Thanks for your respons. No, it is the same IP and Host to maintain on the new VM.

gcusello · ‎10-24-2022

Hi @kiranhar,

ok, so the path is the one I described in my previous post.

tell me if I can help you more, otherwise, please accept one answer for the other people of Community.

Ciao.

Giuseppe

P.S.: Karma Points are appreciated 😉

kiranhar · ‎10-24-2022

Thanks. Also, please advise, on how to create a Splunk user and Splunk group on the new Linux Server (Redhat). Please provide the steps.

gcusello · ‎10-27-2022

Hi @kiranhar,

good for you, see next time!

Ciao and happy splunking

Giuseppe

P.S.: Karma Points are appreciated 😉

gcusello · ‎10-24-2022

Hi @kiranhar,

I'm sorry but I'm a little rusty on Linux, anyway, you can find this on Google:

https://linuxize.com/post/how-to-add-user-to-group-in-linux/

or something else.

Ciao.

Giuseppe

What are the steps for a Splunk SH Migration from Cent OS to REDHAT from one VM to another VM?

other

Splunk Cloud | Empowering Splunk Administrators with Admin Config Service (ACS)

Tech Talk | One Log to Rule Them All

Splunk Security Content for Threat Detection & Response, Q1 Roundup