Need your advice reg. writing procedures to upgrade to for Win & Linux. Should I write one for each?


We have Splunk Ent. & ES both on Windows & RHEL (Linux). Are the procedures much different for Win vs Linux? Should I be writing one for each? Or just one procedure for our entire environment? Some of my UFs are as old as 7.2.9 all the way up to 8.0.7. Thanks a million.


Hi @SamHTexas,

you have to define a procedure for upgrading your environment (Splunk Enterprise, Enterprise Security, and all the Apps and TAs).

The upgrade procedure is one and depends on:

  • your architecture (distributed or stand-alone),
  • clusterized or not,
  • Splunk starting version (if you start from 7, you have to pass through an intermediate version, e.g. 8.0.x).

Then for Linux and Windows you have to use different commands that you can find in the online documentation.

When you define the sequence of your steps, you can find the commands to use for Windows servers and Linux servers.





Here is the general order to upgrade a Splunk environment

Of course you must first ensure that your own/additional apps and TAs are compatible with the new version and update those first if needed. 
r. Ismo
