Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Upgrade Splunk from 8.2.6 to 8.2.12 or 9.0.6

carlospeto
Engager
‎09-13-2023 04:40 PM

Hello Splunk community,

I am new as splunk administrator here in the company and a few days ago i received the requirement to upgrade the splunk version.

We have splunk 8.2.6 and the minimum version required is 8.2.12, I'm not sure how big is the risk in upgrading process as we need to be sure the information in indexers is going to be safe and splunk must be operational.

i have read some of the upgrading documentation to version 9.0.6 but as is said i am not sure the best option with the minimum risk.

Do you have any advice?

Thank you!

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

isoutamo
SplunkTrust
SplunkTrust
‎11-02-2023 07:13 AM

Hi

as  "Splunk Enterprise version 8.2 is no longer supported as of September 30, 2023. See the Splunk Software Support Policy for details. For information about upgrading to a supported version, see How to upgrade Splunk Enterprise." it's best to go to 9.0.6.

Probably the biggest issue could be python2 if you are using it on some apps or modules. You could check that by  "Upgrade readiness app". Just ensure that it's running on your environment and give you a valid responses. Also you should read  https://lantern.splunk.com/Splunk_Platform/Product_Tips/Upgrades_and_Migration/Upgrading_the_Splunk_...

With those you should manage for updating the environment. Of course if you have distributed multisite environment with search head cluster and some enterprise apps then those instructions are not enough for any new admin. Then you should have some test environment and/or ask help from Splunk professional services or some other company which are concentrating to Splunk.

r. Ismo

View solution in original post

Reply
Solved! Jump to solution
Solution

isoutamo
SplunkTrust
SplunkTrust
‎11-02-2023 07:13 AM

Hi

as  "Splunk Enterprise version 8.2 is no longer supported as of September 30, 2023. See the Splunk Software Support Policy for details. For information about upgrading to a supported version, see How to upgrade Splunk Enterprise." it's best to go to 9.0.6.

Probably the biggest issue could be python2 if you are using it on some apps or modules. You could check that by  "Upgrade readiness app". Just ensure that it's running on your environment and give you a valid responses. Also you should read  https://lantern.splunk.com/Splunk_Platform/Product_Tips/Upgrades_and_Migration/Upgrading_the_Splunk_...

With those you should manage for updating the environment. Of course if you have distributed multisite environment with search head cluster and some enterprise apps then those instructions are not enough for any new admin. Then you should have some test environment and/or ask help from Splunk professional services or some other company which are concentrating to Splunk.

r. Ismo

Reply
Get Updates on the Splunk Community!

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...

Combine Multiline Logs into a Single Event with SOCK: a Step-by-Step Guide for ...

Combine multiline logs into a single event with SOCK - a step-by-step guide for newbies Olga Malita The ...