Knowledge Management

What is the best practice in using a local yum repository?

Michael
Contributor

We have a local RH mirror and set up Splunk RPMs in the distro.

If a system has Splunk on it, and there's an update package in the repository, it installs the new one just fine. Except on version differences where it requires the manual start (to accept that blasted license that no one reads) and to migrate the data (well, duh, we wouldn't be updating it and not migrating the data and configs...).

Justifications aside for those silly manually required interventions on an update; yes, you can use:

splunk start --answer-yes --no-prompt --accept-license

..will get you through it, but it's still requires you to enter that line. Trying to add the switches to the script in init.d doesn't appear to be supported (or we're doing it wrong).

This can't be the first time this has been encountered, and there's much larger organizations out there than mine... So, what's the best-practice way to handle this?

Thanks!
Mike

0 Karma
1 Solution

Michael
Contributor

OK.

After many go rounds with Splunk support, I finally have an answer: this can't be done. I wish they would have just said that in the beginning rather than pepper me with countless links to the doc on how to run --answer-yes etc..

So, if you're reading this, with the same question: give up. Turn back.

I only have about 900 unix systems; I was hoping someone else out here would have a suggestion.

Yes, I know, Puppet...

View solution in original post

0 Karma

bishopolis
Path Finder

https://www.rfaircloth.com/2017/03/07/automating-splunk-deployment-redhatcentos-poor-mans-edition/ says:

%triggerin -- splunkforwarder
/opt/splunkforwarder/bin/splunk enable boot-start --accept-license --answer-yes 
service splunk stop
mkdir -p /opt/splunkforwarder/etc/apps/org_all_deploymentclient/local    

Did you try this route and find it was no good? I'll build a similar trigger-laden package like this in a heartbeat !

0 Karma

Michael
Contributor

OK.

After many go rounds with Splunk support, I finally have an answer: this can't be done. I wish they would have just said that in the beginning rather than pepper me with countless links to the doc on how to run --answer-yes etc..

So, if you're reading this, with the same question: give up. Turn back.

I only have about 900 unix systems; I was hoping someone else out here would have a suggestion.

Yes, I know, Puppet...

0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...