Installation

Having issues when manually upgrading from Splunk version 7.0.3 to 7.2.6.

manikandankasi
Explorer

Hi,

I'm currently upgrading Splunk version from 7.0.3 to 7.2.6.

If I do a manual upgrade it works fine. But if I try to do via automated Jenkins pipeline it's showing that I am installing Splunk for the first time. There is no admin user information & credentials.

Splunk cluster currently in AWS cloud.
Whenever I try to rebuild the stack, it thinks I am installing for the first time. i

Are there any additional processes or steps to follow to overcome this issue?
Please guide me on this. I followed the Splunk documentation exactly.

Thanks in Advance,

Regards,
Mani

Labels (1)
0 Karma

sloshburch
Splunk Employee
Splunk Employee

My guess is that Splunk is already installed in a custom directory but your automation uses rpm which is trying to install into /opt/splunk. Therefore, you're creating a new install rather than doing an upgrade.

Share more details, like output, screenshots, scripts, etc... and we can help further.

0 Karma

gjanders
SplunkTrust
SplunkTrust

Refer to Create secure administrator credentials if you are using a fresh install, I find the user-seed.conf the easiest way.

If you want to use systemd (the default on 7.2.6) refer to Splunk systemd unit file in versions 7.2.2 and newer - how do I stop this prompting for the root pas... or use the flag to use init.d as per Configure Splunk Enterprise to start at boot time in particular refer to "Enable boot-start on machines that run systemd" but use the 0 argument to use init.d instead.

0 Karma

codebuilder
Influencer

Splunk 7.0.3 runs under /etc/init.d while 7.2.6 runs under systemd (depending on your environment).

Under systemd, the splunk unit files are owned and executed as the root user by default (though they invoke the Splunk daemon as the splunk user). These can be viewed/configured at /opt/splunk/etc/splunk-lauch.conf

These settings can additionally be configured at install/upgrade time via CLI, or whatever script/job your build process is using.

----
An upvote would be appreciated and Accept Solution if it helps!
0 Karma

sloshburch
Splunk Employee
Splunk Employee

I think the issue is more that instead of upgrading, the process being used is installing from scratch in another location. I don't think this question is about the startup scripts.

0 Karma

woodcock
Esteemed Legend

Are you using tarball or rpm?

0 Karma

manikandankasi
Explorer

Im using rpm only.

0 Karma

FrankVl
Ultra Champion

Maybe share the script (and/or other relevant details) you're using to install it through Jenkins? Apparently that does something different than a manual upgrade.

0 Karma

manikandankasi
Explorer

Yes. im installing through jenkins pipeline. and installing 7.2.6 version.

0 Karma
Get Updates on the Splunk Community!

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...

Industry Solutions for Supply Chain and OT, Amazon Use Cases, Plus More New Articles ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Enterprise Security Content Update (ESCU) | New Releases

In November, the Splunk Threat Research Team had one release of new security content via the Enterprise ...