How to Update openssh with splunk enterprise serve...

DatDuongVNCSG · ‎08-17-2023

Hi, I have a question and i hope received anwser the soon.

I am using Splunk Enterprise and install in server CentOS 7. Openssh is using vesion 7.4 and 8.1. I want update openssh in all splunk servers (8 server CentOS 7 include 2 search head cluster, 2 indexer cluster, 2 heavy forwarder, 1 deployment server and 1 master node) from 7.4, 8.1 to lastest openssh version still supported on CentOS 7. Version of splunk enterprise use is 8.0.7.

I would like to ask what effect the upgrade will have on Splunk's performance and what to prepare on Splunk before updating OpenSSH

Thanks for all!

isoutamo · ‎08-21-2023

Hi

updating OpenSSH shouldn’t affect your splunk installation. Of course if there are lot of other packages which are a requirement for updating OpenSSH, then the story is different. If all your servers are equal you should start with DS and check what will happen. Then go forward with others. Updating only OpenSSH shouldn’t need a server reboot, just restart sshd.

r. Ismo

How to Update openssh with splunk enterprise server?

configuration

installation

troubleshooting

upgrade

using Splunk Enterprise

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

Join the Conversation

How to Update openssh with splunk enterprise server?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.