- Community
- :
- Splunk Answers
- :
- Splunk Platform Products
- :
- Splunk Enterprise
- :
- Re: Migrate Splunk from Windows to Linux question
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Migrate Splunk from Windows to Linux question
I am planning a migration from Windows to Linux.
As I found in Splunk guide, I did following steps:
1. remove instance from distributed search peer.
2. copy whole splunk_home folder to new Linux server.
3. change the paths in configuration file to fit Linux format.
now, I want to install splunk via RPM package to finish migration. but I am not sure which command can keep my configuration, alerts, reports, dashboards from old splunk.
does "rpm -i --replacepkgs --prefix=/splunkdirectory/ splunk_package_name.rpm" can cover my requirement?
if anything I did wrong, please help, thanks in advance.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey there,
For alerts, reports, dashboards: these files are stored in respective app folder in etc/apps/xxx
By default, scheduled searches alerts are typically stored in the search app unless while creating you define to another application.
You can tar.gz your existing windows etc/apps folder and untar in your Linux environment.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for your advice, I knew that I can replace folder to migrate configuration and index data, but I just want to find another way to do migration by once install.
Because I found some descriptions in guide as below: (refer to step 3)
1. Stop Splunk Enterprise on the host from which you want to migrate.
2. Copy the entire contents of the $SPLUNK_HOME directory from the old
host to the new host.
3. Install the appropriate version of Splunk Enterprise for the target platform.
4. Confirm that index configuration files (indexes.conf) contain the correct
location and path specification for any non-default indexes.
5. Start Splunk Enterprise on the new instance.
6. Log into Splunk Enterprise with your existing credentials.
7. After you log in, confirm that your data is intact by searching it.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Although this seems correct since you are changing the operating system, better try on poc or test instance.
since some settings in windows os and Linux are different.
Refer to the docs https://docs.splunk.com/Documentation/Splunk/8.0.4/Installation/MigrateaSplunkinstance
Tips & Tricks When Using Ingest Actions
Announcing Our Splunk MVPs
Dashboard Studio Challenge - Learn New Tricks, Showcase Your Skills, and Win Prizes!
