Installation
Highlighted

Any known issues when upgrading from 7.0.5 to 7.1.6?

Ultra Champion

We are planning to upgrade from 7.0.5 to 7.1.6 for our lower environment.

Are there any known issues with 7.1.6?

Labels (1)
Tags (3)
0 Karma
Highlighted

Re: Any known issues when upgrading from 7.0.5 to 7.1.6?

Ultra Champion

In some circumstances, (specifically with lookups and the dedup command), there were huge memory, performance and crashing issues.

I had cases open through many of the 7.1 -7.2x branches, all of which have cleared up with 7.2.4

I would encourage you to test 7.1 throughly to see if you will suffer from these issues, or consider jumping to the latest 7.2.4.2

View solution in original post

Highlighted

Re: Any known issues when upgrading from 7.0.5 to 7.1.6?

Ultra Champion

Support said -

-- What you were told in Answers is true!

There were quite a few issues with memory throughout 7.X -- the most stable release in all of 7.X would be indeed 7.2.4; If you are utilizing SmartStore(s2), then the .2 (7.2.4.2) patch is recommended as well.

0 Karma
Highlighted

Re: Any known issues when upgrading from 7.0.5 to 7.1.6?

Ultra Champion

Our Sales Engineer said -

That’s a really generic complaint. I’d need bug tracker numbers (usually SPL-XXXXXX) to find out.

Actually, I THINK I managed to find it. It was addressed by 7.1.4 and 7.2.0. You’re fine.

0 Karma
Highlighted

Re: Any known issues when upgrading from 7.0.5 to 7.1.6?

Ultra Champion

My bugs were SPL-162166 and SPL-162548 (fixed in 7.2.4) and SPL-156444 which I think was patched out in 7.1.4 (although it escaped the release notes)

Highlighted

Re: Any known issues when upgrading from 7.0.5 to 7.1.6?

Ultra Champion

Very very kind @nickhillscpl !!!!

0 Karma
Highlighted

Re: Any known issues when upgrading from 7.0.5 to 7.1.6?

Ultra Champion

Interesting thing. Looking at https://docs.splunk.com/Documentation/Splunk/7.2.4/ReleaseNotes/Knownissues

And I don't see there SPL-162166 and SPL-162548. Where are they documented?

0 Karma
Highlighted

Re: Any known issues when upgrading from 7.0.5 to 7.1.6?

Ultra Champion

They are in 'fixed' issues - not 'known' https://docs.splunk.com/Documentation/Splunk/7.2.4/ReleaseNotes/Fixedissues

2019-01-16 SPL-162166, SPL-162548 splunkd: /opt/splunk/src/search/processors/lookup/IndexedCsvDataProvider.cpp:165: virtual void IndexedCsvDataProvider::lookupBatch(UnpackedResults&, const SearchResultsInfo&, const LookupDefinition&): Assertion `!parseonly' failed.

Although I have no idea what any of that means, and they were my bugs 🙂

0 Karma
Highlighted

Re: Any known issues when upgrading from 7.0.5 to 7.1.6?

Ultra Champion

From Support -

It is in the known issues page for 7.2.0
https://docs.splunk.com/Documentation/Splunk/7.2.0/ReleaseNotes/Knownissues

and for the SPL mentioned in the email prior to your last (SPL-156444):
https://docs.splunk.com/Documentation/Splunk/7.1.4/ReleaseNotes/Fixedissues

From the Sales Engineer -

SPL-162166 only affects 7.2.x branches, 7.1.6 will be unaffected.
SPL-162548 only affects 7.2.x branches. 7.1.6 will be unaffected.

If 7.2.4 is not palatable, 7.1.6 looks like a solid release. Of course, extensive testing for your usecases is important with any deployment. Please let us know if you encounter unexpected issues.

0 Karma
Highlighted

Re: Any known issues when upgrading from 7.0.5 to 7.1.6?

Ultra Champion

As an aside https://docs.splunk.com/Documentation/Splunk/7.2.0/ReleaseNotes/Knownissues

SPL-162166, SPL-162548 gives this lovely search to find the largest lookups and in our environment, naturally the largest ones are ITSI's -

index=_* sourcetype=audittrail path=*lookups* size=* 
| stats max(size) AS size BY host, path 
| append 
    [| rest services/server/introspection/kvstore/collectionstats 
    | mvexpand data 
    | table splunk_server title data 
    | spath input=data 
    | fields splunk_server size ns ] 
| eval host=coalesce(host,splunk_server) 
| fields host path ns size 
| sort size
0 Karma