Hi All,

We are trying to upgrade the splunk universal forwarder from version 8.1.0 to 9.0.3 using ansible scripts. But we are getting error when the script tries to start the forwarder. Herewith attached error and ansible playbook.

Ansible playbook:

- name: Splunk Upgrade | Copy tgz to target
copy:
src: /pub/splunk/splunkpackages/{{ splunk_package }}
dest: /tmp/{{ splunk_package }}

- name: Splunk Upgrade | Check for SYSV scripts
stat:
path: /etc/rc.d/init.d/splunk
register: splunk_sysv

- name: Splunk Upgrade | Stop Splunk
shell: |
{{ splunk_home }}/bin/splunk stop
tar -cvf /opt/splunk_config_backup.tar {{ splunk_home }}/etc/

- name: Splunk Upgrade | Clean up SYSV scripts
shell: |
rm /etc/rc.d/init.d/splunk
/opt/splunkforwarder/bin/splunk disable boot-start
when: splunk_sysv.stat.exists
ignore_errors: yes

- name: Splunk Upgrade | Upgrade Forwarder and restart ==> in this task it getting failed
shell: |
cd /opt
tar -xzvf /tmp/{{ splunk_package }}
chown -R splunk:splunk /opt/splunkforwarder
{{ splunk_home }}/bin/splunk start --accept-license --answer-yes --no-prompt
register: splunk_upgrade

- name: Splunk Upgrade | Convert SYSV to Systemd
shell: |
{{ splunk_home }}/bin/splunk stop
chown -R splunk:splunk /opt/splunkforwarder
/opt/splunkforwarder/bin/splunk enable boot-start -user splunk
when: splunk_sysv.stat.exists

- name: Splunk Upgrade | start and enable splunk
service:
name: SplunkForwarder.service
enabled: true
state: started

- name: Splunk Upgrade | Cleanup tgz
file:
state: absent
path: /tmp/{{ splunk_package }}

Error in splunk forwarder log: