Installation

What’s the path of upgrading from 7.3.3 with ES and ITSI to 8.0?

danielbb
Motivator

We would like to upgrade from 7.3.3 to 8.0, having ITSI and ES. How should we go about it?

Labels (1)
Tags (4)
0 Karma

esnyder_splunk
Splunk Employee
Splunk Employee

Note that 8.0 is the Python 3 release of Splunk. Whether you want to use Python 2 or 3, the order of operations and the appropriate versions of apps and add-ons are more rigid than usual. Full instructions for all upgrade scenarios with ITSI are covered here: Python 3 migration with ITSI.

Note the following:
- ITSI version 4.4.x is completely Python 2/3 compatible.
- Splunk Enterprise Security version 6.0 is compatible with Splunk Enterprise version 8.0, though it currently requires the Python 2 interpreter that ships with Splunk Enterprise 8.0.

Your upgrade path depends on whether or not you want to use Python 2 or Python 3. Regardless, because of the Python 3 migration changes, you MUST upgrade ITSI before you upgrade Splunk Enterprise, or else ITSI breaks.

Note: ITSI 4.4.x is the only version that's compatible with Splunk Enterprise version 8.0.x. See the Splunk products version compatibility matrix for more information.

A more complete manual for Python 3 migration with all premium apps (including ITSI and ES) is available in the Splunk Enterprise Python 3 Migration manual: https://docs.splunk.com/Documentation/Splunk/latest/Python3Migration/AboutMigration

0 Karma
Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.