Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to upgrade Splunk 6.1.3 to the latest version for a standalone instance on a Linux server?

pavanae
Builder
‎10-05-2015 02:15 PM

Hi,

I have read the documentation provided in Splunk, but I just want the step by step commands to run on a Linux server from start to end since I don't have much knowledge in Linux.

Also, does it require sudo access to upgrade Splunk?

How do make a backup of Splunk and where to store the backup? Outside of the Splunk directory or inside of the Splunk directory? Is a backup really necessary to upgrade?

Please do suggest me how to do that if anyone is experienced in upgrading Splunk.

Thanks in Advance.

Environment: StandAlone (Splunk server alone acts as indexer, search head, deployment server)
Server details: Red Hat Linux
License Purchased: 50 Gb per day

Labels (4)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

muebel
SplunkTrust
SplunkTrust
‎10-05-2015 02:30 PM

HI Pavanae,

You'll want to prep by putting the new RPM in your repo, and taking a backup of Splunk's config

# as root, assumes $SPLUNKHOME is /opt/splunk
mkdir -p /tmp/splunkbackup
tar -czvf /tmp/splunkbackup/backup.tgz /opt/splunk/etc

and then do the upgrade

# as root
service stop splunk
yum clean all
yum upgrade splunk

Let me know if this makes sense, or if you have any questions. 😄

View solution in original post

Reply
Solved! Jump to solution

woodcock
Esteemed Legend
‎10-05-2015 04:52 PM

The other answers are fine but you need to make sure that you so the upgrade as the same user that installed and started splunk. Use these commands

ls -al /opt/splunk/bin/splunk # the 3rd field is the owner of the binary
ps -eo pid,uname,comm | grep -i splunk # this shows who owns the running processes

Do the upgrade as the user that owns the binary. Do the $SPLUNK_HOME/bin/splunk start as the user that owns the running processes. They are usually, but definitely not always, the same user.

Reply
Solved! Jump to solution

MuS
Legend
‎10-05-2015 02:34 PM

Hi pavanae,

follow the docs http://docs.splunk.com/Documentation/Splunk/6.3.0/Installation/Upgradeto6.3onUNIX it also covers what you should backup. BTW, you should always store a backup outside of the system/server the backup was made .... but this is not Splunk related, this is common sense 😉

Also, it depends on the upgrading approach you choose if you require sudo or not: if you use the tar ball to upgrade, this is done as Splunk user. If you choose the rpm or dkg package, this is normally done by using sudo

Hope this helps ...

cheers, MuS

Reply
Solved! Jump to solution
Solution

muebel
SplunkTrust
SplunkTrust
‎10-05-2015 02:30 PM

HI Pavanae,

You'll want to prep by putting the new RPM in your repo, and taking a backup of Splunk's config

# as root, assumes $SPLUNKHOME is /opt/splunk
mkdir -p /tmp/splunkbackup
tar -czvf /tmp/splunkbackup/backup.tgz /opt/splunk/etc

and then do the upgrade

# as root
service stop splunk
yum clean all
yum upgrade splunk

Let me know if this makes sense, or if you have any questions. 😄

Reply
Solved! Jump to solution

pavanae
Builder
‎01-06-2016 10:11 PM

HI muebel as you said i did the backup. Now to compress the backup.tgz in any required directory?

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...