Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How do we upgrade our 3 indexer cluster to a 4 indexer cluster with the latest Splunk version and migrate the old data?

athorat
Communicator
‎12-08-2015 01:06 PM

We have a distributed clustered environment and need to upgrade it to the latest version.
The plan is to install the latest version on a new set of physical servers.
How do we migrate the old data from the existing infrastructure (3 indexer cluster) to the new 4 indexer cluster.

Labels (2)
Labels
0 Karma
Reply

esix_splunk
Splunk Employee
Splunk Employee
‎12-08-2015 01:55 PM

If you can, your easiest solution would be run both clusters in parallel and utilize hybrid / distributed search to search the new and old clusters. Once your data is aged out, you can decommission the old clusters.

Another option would be to bring the new members into the cluster, up the REP factor and Search factor to balance across to the new members. Then decommission the older servers from the cluster..

0 Karma
Reply

athorat
Communicator
‎12-08-2015 02:54 PM

Thanks for the reply @esix

Thats a good option to run both servers in to parallel but if we decommission the old servers how about the users reports extracted fields, dashboards and other data.

How do we have those in the new systems.
We have one search head and 3 indexers. Planning to have 2 search heads and 4 indexers.

couple of questions regarding the second option. if we add new members to the cluster and up the rep factor how about the old data from the old servers if they are decommissioned.

If we have to migrate the users, reports, dashboards and alerts, what would be the approach to move them.

Thanks.

0 Karma
Reply
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...