Installation
Highlighted

How to upgrade Splunk 6.1.3 to the latest version for a standalone instance on a Linux server?

Builder

Hi,

I have read the documentation provided in Splunk, but I just want the step by step commands to run on a Linux server from start to end since I don't have much knowledge in Linux.

Also, does it require sudo access to upgrade Splunk?

How do make a backup of Splunk and where to store the backup? Outside of the Splunk directory or inside of the Splunk directory? Is a backup really necessary to upgrade?

Please do suggest me how to do that if anyone is experienced in upgrading Splunk.

Thanks in Advance.

Environment: StandAlone (Splunk server alone acts as indexer, search head, deployment server)
Server details: Red Hat Linux
License Purchased: 50 Gb per day

Labels (4)
0 Karma
Highlighted

Re: How to upgrade Splunk 6.1.3 to the latest version for a standalone instance on a Linux server?

SplunkTrust
SplunkTrust

HI Pavanae,

You'll want to prep by putting the new RPM in your repo, and taking a backup of Splunk's config

# as root, assumes $SPLUNKHOME is /opt/splunk
mkdir -p /tmp/splunkbackup
tar -czvf /tmp/splunkbackup/backup.tgz /opt/splunk/etc

and then do the upgrade

# as root
service stop splunk
yum clean all
yum upgrade splunk

Let me know if this makes sense, or if you have any questions. 😄

View solution in original post

Highlighted

Re: How to upgrade Splunk 6.1.3 to the latest version for a standalone instance on a Linux server?

Builder

HI muebel as you said i did the backup. Now to compress the backup.tgz in any required directory?

0 Karma
Highlighted

Re: How to upgrade Splunk 6.1.3 to the latest version for a standalone instance on a Linux server?

SplunkTrust
SplunkTrust

Hi pavanae,

follow the docs http://docs.splunk.com/Documentation/Splunk/6.3.0/Installation/Upgradeto6.3onUNIX it also covers what you should backup. BTW, you should always store a backup outside of the system/server the backup was made .... but this is not Splunk related, this is common sense 😉

Also, it depends on the upgrading approach you choose if you require sudo or not: if you use the tar ball to upgrade, this is done as Splunk user. If you choose the rpm or dkg package, this is normally done by using sudo

Hope this helps ...

cheers, MuS

Highlighted

Re: How to upgrade Splunk 6.1.3 to the latest version for a standalone instance on a Linux server?

Esteemed Legend

The other answers are fine but you need to make sure that you so the upgrade as the same user that installed and started splunk. Use these commands

ls -al /opt/splunk/bin/splunk # the 3rd field is the owner of the binary
ps -eo pid,uname,comm | grep -i splunk # this shows who owns the running processes

Do the upgrade as the user that owns the binary. Do the $SPLUNK_HOME/bin/splunk start as the user that owns the running processes. They are usually, but definitely not always, the same user.