Upgrade from 7.0.3 to 8.2.4

New Member

I have been thrown into upgrading our current Splunk servers.

We are running 7.0.3 and need to get to the latest 8.2.4.

Is that possible or do I need to do a step plan?

My current setup is as follows:

Master (not sure it is used)
indexers (4)
searchheads (3)

Each individual server is a universal forwarder.  But we are looking at putting in intermediate UFs between the servers and the indexers.

I am new to Splunk, so not sure where all to start.  Also, how to verify licenses.


Super Champion

Hi @surban ... As @richgalloway suggested, you should first upgrade to 8.0.x and then to the latest 8.2.x.

I assume an indexer cluster is not used; please update us if you are using an indexer cluster.

Do you use any other Splunk apps (like Splunk DB Connect, Splunk Enterprise Security, etc.)?


All the best for your upgrade project, thanks. 

PS ... If any post helped you in any way, please give a high-five to the author with an upvote. If your issue got resolved, please accept the reply as the solution. Thanks.


The first step is to figure out if your Master Node is used or not because that will affect how the upgrade is done.  Look in $SPLUNK_HOME/etc/system/local for the [clustering] stanza.  If you see mode=master in that stanza then the MN is being used.

You'll need to upgrade to Splunk 8.0 or 8.1 before installing 8.2.4.  See

If this reply helps you, Karma would be appreciated.
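
The check described in the reply above, as an added example that is not part of the original thread: a stanza-aware lookup of `mode` under `[clustering]`, so a `mode` line in another stanza or a commented-out line is not mistaken for the live setting. The function names `cluster_mode` and `write_sample` are hypothetical and the sample `server.conf` is constructed.

```shell
#!/bin/sh
# Added example (not from the thread): read the [clustering] mode from the
# .conf files in a Splunk config directory. Function names are hypothetical.

# cluster_mode DIR -> prints the "mode" value of the [clustering] stanza,
# or "none" when no .conf file in DIR sets it. The body runs in a subshell.
cluster_mode() (
    mode=""
    for f in "$1"/*.conf; do
        [ -f "$f" ] || continue                 # glob matched nothing
        m=$(awk '
            { sub(/\r$/, "") }                  # tolerate CRLF line endings
            /^[ \t]*#/ { next }                 # skip comment lines
            /^[ \t]*\[/ {                       # any stanza header
                in_stanza = ($0 ~ /^[ \t]*\[clustering\][ \t]*$/)
                next
            }
            in_stanza && /^[ \t]*mode[ \t]*=/ {
                sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, "")
                v = $0
            }
            END { print v }
        ' "$f")
        if [ -n "$m" ]; then mode=$m; fi
    done
    echo "${mode:-none}"
)

# write_sample DIR -> writes a constructed server.conf for trying the function.
write_sample() {
    cat > "$1/server.conf" <<'EOF'
[general]
serverName = cm01

[clustering]
# constructed sample, not taken from the thread
mode = master
replication_factor = 2
EOF
}

# Stand-alone use: pass the directory to inspect as the first argument.
if [ "$#" -gt 0 ]; then cluster_mode "$1"; fi
```

Pass `$SPLUNK_HOME/etc/system/local` as the argument; a result of `master` means the Master Node is in use. Settings placed in app directories are not covered by this check.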



A good document for getting to know what you have if/when you have inherited your Splunk environment

Here are instructions on the order in which you should update your environment

r. Ismo 
