Installation

How to upgrade Splunk 6.1.3 to the latest version for a standalone instance on a Linux server?

pavanae
Builder

Hi,

I have read the documentation provided in Splunk, but I just want the step by step commands to run on a Linux server from start to end since I don't have much knowledge in Linux.

Also, does it require sudo access to upgrade Splunk?

How do make a backup of Splunk and where to store the backup? Outside of the Splunk directory or inside of the Splunk directory? Is a backup really necessary to upgrade?

Please do suggest me how to do that if anyone is experienced in upgrading Splunk.

Thanks in Advance.

Environment: StandAlone (Splunk server alone acts as indexer, search head, deployment server)
Server details: Red Hat Linux
License Purchased: 50 Gb per day

Labels (4)
0 Karma
1 Solution

muebel
SplunkTrust
SplunkTrust

HI Pavanae,

You'll want to prep by putting the new RPM in your repo, and taking a backup of Splunk's config

# as root, assumes $SPLUNKHOME is /opt/splunk
mkdir -p /tmp/splunkbackup
tar -czvf /tmp/splunkbackup/backup.tgz /opt/splunk/etc

and then do the upgrade

# as root
service stop splunk
yum clean all
yum upgrade splunk

Let me know if this makes sense, or if you have any questions. 😄

View solution in original post

woodcock
Esteemed Legend

The other answers are fine but you need to make sure that you so the upgrade as the same user that installed and started splunk. Use these commands

ls -al /opt/splunk/bin/splunk # the 3rd field is the owner of the binary
ps -eo pid,uname,comm | grep -i splunk # this shows who owns the running processes

Do the upgrade as the user that owns the binary. Do the $SPLUNK_HOME/bin/splunk start as the user that owns the running processes. They are usually, but definitely not always, the same user.

MuS
SplunkTrust
SplunkTrust

Hi pavanae,

follow the docs http://docs.splunk.com/Documentation/Splunk/6.3.0/Installation/Upgradeto6.3onUNIX it also covers what you should backup. BTW, you should always store a backup outside of the system/server the backup was made .... but this is not Splunk related, this is common sense 😉

Also, it depends on the upgrading approach you choose if you require sudo or not: if you use the tar ball to upgrade, this is done as Splunk user. If you choose the rpm or dkg package, this is normally done by using sudo

Hope this helps ...

cheers, MuS

muebel
SplunkTrust
SplunkTrust

HI Pavanae,

You'll want to prep by putting the new RPM in your repo, and taking a backup of Splunk's config

# as root, assumes $SPLUNKHOME is /opt/splunk
mkdir -p /tmp/splunkbackup
tar -czvf /tmp/splunkbackup/backup.tgz /opt/splunk/etc

and then do the upgrade

# as root
service stop splunk
yum clean all
yum upgrade splunk

Let me know if this makes sense, or if you have any questions. 😄

pavanae
Builder

HI muebel as you said i did the backup. Now to compress the backup.tgz in any required directory?

0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...