Splunk Enterprise Security

Splunk 6.5.1 and Splunk Enterprise Security 4.5.1: What is upgrade path from Splunk 6.4.0 and ES 4.1.1?

Contributor

Hi,

I know the order to upgrade Splunk components. But don't totally understand the path to upgrade from Splunk Enterprise 6.4.0 / Splunk Enterprise Security (ES) 4.1.1 to Splunk Enterprise 6.5.1 / ES 4.5.1 on the ES search head only.

Do I need to bring current ES 4.1.1 to Enterprise 6.4.4 first? Then upgrade to ES 4.5.1, then upgrade Enterprise to 6.5.1? Can anyone help? Thank you.

0 Karma
1 Solution

Splunk Employee
Splunk Employee

Upgrade your core to 6.5.1

Then after you restart your search head upgrade to ES4.5.1

If it were me I would wait for 6.5.2 which should be coming soon.

It addresses a bundle replication issue and an ssl performance issue

View solution in original post

0 Karma

Splunk Employee
Splunk Employee

Upgrade your core to 6.5.1

Then after you restart your search head upgrade to ES4.5.1

If it were me I would wait for 6.5.2 which should be coming soon.

It addresses a bundle replication issue and an ssl performance issue

View solution in original post

0 Karma

Ultra Champion

For posterity, anyone who lands on this in the future may also appreciate @jmulcaster_splunk's post of an order-of-operations diagram with links to relevant documentation to help with upgrade planning. Check it out and let us know if you find it helpful. What's the order of operations for upgrading Splunk Enterprise?

0 Karma

Contributor

Thank you.

0 Karma
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!