Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Upgrade from 7.0.3 to 8.2.4

surban
New Member
‎12-30-2021 08:45 AM

I have been thrown into upgrading our current Splunk servers.

We are running 7.0.3 and need to get to the latest 8.2.4

Is that possible or do I need to do a step plan?

My current setup is as follow:

Master (not sure it is used)
Deployer
indexers (4)
searchheads (3)

Each individual server is a universal forwarder.  But we are looking at putting in intermediate UFs between the servers and the indexers.

I a new to Splunk, so not sure where all to start.  Also, how to verify licenses.

Labels (1)
Labels
0 Karma
Reply

inventsekar
Ultra Champion
‎12-31-2021 01:15 AM

Hi @surban ... As @richgalloway suggested, you should first upgrade to 8.0.x and then to the latest 8.2.x.

I assume indexer cluster is not used, please update us if you are using indexer cluster. 

do you use any other Splunk Apps (like Splunk DB Connect, Splunk Enterprise Security, etc),

 

All the best for your upgrade project, thanks. 

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎12-30-2021 05:18 PM

The first step is to figure if you Master Node is used or not because that will affect how the upgrade is done.  Look in $SPLUNK_HOME/etc/system/local for the [clustering] stanza.  If you see mode=master in that stanza then the MN is being used.

You'll need to upgrade to Splunk 8.0 or 8.1 before installing 8.2.4.  See https://docs.splunk.com/Documentation/Splunk/8.2.4/Installation/HowtoupgradeSplunk#Upgrade_paths_to_...

---
If this reply helps you, Karma would be appreciated.
Reply

isoutamo
SplunkTrust
SplunkTrust
‎12-30-2021 11:34 PM

Hi

a good document to getting known what you have if/when you have inherited your splunk environment https://docs.splunk.com/Documentation/Splunk/8.2.4/InheritedDeployment/Introduction

Here is instructions in which order you should update your environment https://community.splunk.com/t5/Installation/What-s-the-order-of-operations-for-upgrading-Splunk-Ent....

r. Ismo 

Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 2 releases of new security content via the ...

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We are happy to announce the 20 lucky questers who are selected to be the first round of Champion's Tribute ...

We’ve Got Education Validation!

Are you feeling it? All the career-boosting benefits of up-skilling with Splunk? It’s not just a feeling, it's ...