Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Is there a reason why the Upgrade Readiness App does not scan deployment-apps?

BlueSocket
Communicator
3 weeks ago

In the Splunk URA, it says that it includes the /etc/apps and /etc/peer-apps folders in the scans, but it does not include the deployment-apps folder as well.

Therefore, the process for scanning apps in the deployment-apps folder is to find these in other places within the environment where SplunkWeb is running and then install/update and run there. 

There are more and more companies who are using SplunkCloud and the on-prem presence of Splunk is now mostly managed by the Splunk DS, so why can we not have the ability (in the Splunk URA) to scan the deployment-apps folder, so that it makes on-prem upgrades easier?

Labels (2)
Labels
0 Karma
Reply

BlueSocket
Communicator
3 weeks ago

I disagree. The DS should be the highest version of any machine in the Splunk infrastructure (if Splunk Best Practice is adhered to). If the app is scanned and found to be compatible with that on the DS, then, in theory, the app should be compatible with the version of Splunk on the DS (or later, if the tests are forward-looking)?

0 Karma
Reply

rishabhshah
Path Finder
3 weeks ago

In theory and as a best practice it should but it is unlikely that all the DC will be on same version as DS unless all the best practice are followed. Either it will be on same or lower version than DS.

Reply

dural_yyz
Builder
3 weeks ago

I agree.  My last environment I managed had UF versions ranging from high 6.x to low 9.1.x.  Any upgrade readiness scans would lite up like a Christmas tree looking at the DS folder.

0 Karma
Reply

rishabhshah
Path Finder
3 weeks ago

There is no requirement in scanning the deployment-apps folder as those apps are anyways going to get deployed on the deployment clients and can be scanned while upgrading the deployment client. The compatibility issue with the Splunk version won't exist when the app is present in the deployment-app folder. I hope this helps.

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...