Join the Conversation
- Find Answers
- :
- Splunk Administration
- :
- Admin Other
- :
- Installation
- :
- How to upgrade Splunk 6.1.3 to the latest version ...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I have read the documentation provided in Splunk, but I just want the step by step commands to run on a Linux server from start to end since I don't have much knowledge in Linux.
Also, does it require sudo access to upgrade Splunk?
How do make a backup of Splunk and where to store the backup? Outside of the Splunk directory or inside of the Splunk directory? Is a backup really necessary to upgrade?
Please do suggest me how to do that if anyone is experienced in upgrading Splunk.
Thanks in Advance.
Environment: StandAlone (Splunk server alone acts as indexer, search head, deployment server)
Server details: Red Hat Linux
License Purchased: 50 Gb per day
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
HI Pavanae,
You'll want to prep by putting the new RPM in your repo, and taking a backup of Splunk's config
# as root, assumes $SPLUNKHOME is /opt/splunk
mkdir -p /tmp/splunkbackup
tar -czvf /tmp/splunkbackup/backup.tgz /opt/splunk/etc
and then do the upgrade
# as root
service stop splunk
yum clean all
yum upgrade splunk
Let me know if this makes sense, or if you have any questions. 😄
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The other answers are fine but you need to make sure that you so the upgrade as the same user that installed and started splunk. Use these commands
ls -al /opt/splunk/bin/splunk # the 3rd field is the owner of the binary
ps -eo pid,uname,comm | grep -i splunk # this shows who owns the running processes
Do the upgrade as the user that owns the binary. Do the $SPLUNK_HOME/bin/splunk start as the user that owns the running processes. They are usually, but definitely not always, the same user.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi pavanae,
follow the docs http://docs.splunk.com/Documentation/Splunk/6.3.0/Installation/Upgradeto6.3onUNIX it also covers what you should backup. BTW, you should always store a backup outside of the system/server the backup was made .... but this is not Splunk related, this is common sense 😉
Also, it depends on the upgrading approach you choose if you require sudo or not: if you use the tar ball to upgrade, this is done as Splunk user. If you choose the rpm or dkg package, this is normally done by using sudo
Hope this helps ...
cheers, MuS
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
HI Pavanae,
You'll want to prep by putting the new RPM in your repo, and taking a backup of Splunk's config
# as root, assumes $SPLUNKHOME is /opt/splunk
mkdir -p /tmp/splunkbackup
tar -czvf /tmp/splunkbackup/backup.tgz /opt/splunk/etc
and then do the upgrade
# as root
service stop splunk
yum clean all
yum upgrade splunk
Let me know if this makes sense, or if you have any questions. 😄
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
HI muebel as you said i did the backup. Now to compress the backup.tgz in any required directory?
App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community
Operationalizing Entity Risk Score with Enterprise Security 8.3+
Unlock Database Monitoring with Splunk Observability Cloud
