Monitoring Splunk
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Migrating data from old server to new server while upgrading Splunk 9.3

prasireddy
Explorer
2 weeks ago

Please can anyone what are steps to migrate the old data to new server while upgrading the splunk to 9.3 version i have checked the splunk document but i did not understand properly.Kindly please could help anyone help on this. Prasent splunk vesrion is 8.2.0  

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

PickleRick
SplunkTrust
SplunkTrust
a week ago

OK. So you're not "upgrading" but moving your installation from a 6.10 RHEL box to a 9.x one.

The way to go is

1) Install and configure new server

2) Migrate splunk in the same version as you already have. See https://docs.splunk.com/Documentation/Splunk/8.2.0/Installation/MigrateaSplunkinstance

One thing - if your installation was RPM-based, before moving contents of the old Splunk installation, install a fresh RPM (still the original 8.2 version!) before overwriting it with actual production files so that RPM database is properly populated.

Unfortunately, if you're moving from one server to another (having new name, new IP and so one) you have to go through the configs and fix the things that point to the old name, IP and possibly certificate. And we can't know beforehand about all the configuration items you have to change.

3) After you have your 8.2 instance working in a new place, perform the upgrade to the desired version using the official upgrade path (you can't upgrade directly from 8.2 to 9.3)

View solution in original post

Reply
Solved! Jump to solution

prasireddy
Explorer
a week ago

Hi @PickleRick ,
firstly we planning to migrate data from existing server new server then afterwards splunk upgrade so here i wanted to know the steps  how to migrate data from my existing server to new server..within the server we know but now its new server so asking you how to migrate data.and the second  thing the installation and upgrade my team will see that and here i need only how to migrate my data.
so kindly please help on this

0 Karma
Reply
Solved! Jump to solution

PickleRick
SplunkTrust
SplunkTrust
a week ago

Again - it depends whether by "migrate" you mean just replace the box and leave everything as it was before (IP, name, storage layout) or are you planning any changes. Do you want to stay with the same underlying OS or do you plan to migrate, for example, from debian to RH? How was your system installed? A dpkg/rpm package? A simple unpack from tgz? A docker container?

0 Karma
Reply
Solved! Jump to solution

prasireddy
Explorer
a week ago

Hi @PickleRick 

Actually in phase-1 we are upgrading RHEL version (6.10 to 9.x--- just same OS but we are upgrading the version) the RHEL upgrade we are planning in new separate server from the scratch and after  RHEL upgrade,in phase-2 we have a splunk upgrade(8.2 to 9.x) . So in phase-1 we are installing  existed splunk version (8..2)  in new server and we need data migration from existed server to new server.Please could you help on this...




Thank You in advance..

0 Karma
Reply
Solved! Jump to solution
Solution

PickleRick
SplunkTrust
SplunkTrust
a week ago

OK. So you're not "upgrading" but moving your installation from a 6.10 RHEL box to a 9.x one.

The way to go is

1) Install and configure new server

2) Migrate splunk in the same version as you already have. See https://docs.splunk.com/Documentation/Splunk/8.2.0/Installation/MigrateaSplunkinstance

One thing - if your installation was RPM-based, before moving contents of the old Splunk installation, install a fresh RPM (still the original 8.2 version!) before overwriting it with actual production files so that RPM database is properly populated.

Unfortunately, if you're moving from one server to another (having new name, new IP and so one) you have to go through the configs and fix the things that point to the old name, IP and possibly certificate. And we can't know beforehand about all the configuration items you have to change.

3) After you have your 8.2 instance working in a new place, perform the upgrade to the desired version using the official upgrade path (you can't upgrade directly from 8.2 to 9.3)

Reply
Solved! Jump to solution

prasireddy
Explorer
a week ago

Thank you so much @PickleRick  it very useful information.

0 Karma
Reply
Solved! Jump to solution

PickleRick
SplunkTrust
SplunkTrust
2 weeks ago

First and foremost - don't do two things at once - either upgrade and then migrate or migrate then upgrade.

Also - what things you don't understand? It's impossible to do a step by step instructions to do something like that without at least some knowledge and understanding on your side what you're doing. Should anything go wrong how will you be able to troubleshoot and fix your installation?

0 Karma
Reply
Get Updates on the Splunk Community!

New This Month in Splunk Observability Cloud - Metrics Usage Analytics, Enhanced K8s ...

The latest enhancements across the Splunk Observability portfolio deliver greater flexibility, better data and ...

Alerting Best Practices: How to Create Good Detectors

At their best, detectors and the alerts they trigger notify teams when applications aren’t performing as ...

Discover Powerful New Features in Splunk Cloud Platform: Enhanced Analytics, ...

Hey Splunky people! We are excited to share the latest updates in Splunk Cloud Platform 9.3.2408. In this ...