Installation

Upgrade Splunk Universal forwarder ?

Communicator

Hi Guys

Im a little confused, I need to upgrade what I believe is a Splunk universal forwarder, I think this as its located "C:\program files\SplunkUniversalForwarder" build version is below -

VERSION=4.3.2
BUILD=123586
PRODUCT=splunk
PLATFORM=Windows-AMD64

This is installed on a 2008 R2 64bit box, my issue is that when trying to upgrade with SplunkFprwarder-5.0.2-149561-x64-release

the upgrade seems to get about halfway though but then fails with this error -

Splunk Launcher - Splunk could not start splunks first time run - Error Code - 1

Im installing as a domain admin so its not related to privlidges, the other issue I see is that the only service that is running is called Splunk Forwarder, there are no other Splunk services installed from what I can see, I dont know if thatts an issue ?

any ideas guys ?

Tags (1)
0 Karma

Communicator

OK I have sorted it -

I ended up deleting the service from services, this was named SplunkForwarder ( it was the only Splunk service listed), of course it didnt go smoothly and there was an error to state that the service didnt exist, I then tried to restart the said service only to get yet another error.

I then ran the upgrade again which then got 1 step further but failed again but with another error stating that Splunk couldnt create a service, I then rebooted and ran the installer again and low and behold it installed without issue.

Communicator

Pleased I could help 🙂

Please give the tick box a tick to mark as an answer.

0 Karma

Communicator

This was a good tip. I had the same trouble installing v5.0.3 over v5.0.2. I stopped the service, then used a domain admin account to do the install. I did not have to reboot.

0 Karma

Communicator

EDIT --- exact error message is -

Splunk Installer was unable to launch Splunks first time run - Error Code 1

0 Karma

Communicator

Another thing that I noticed is that when upgrading Im asked questions such as the deployment servers details and forwarders details IP's even what logs I would like to monitor, on other machines with the upgrade it just installs without being prompted for this info.

0 Karma