Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

What version of Mongo DB version used in Splunk 8.2.5?

vengisa
Loves-to-Learn Lots
‎04-08-2022 09:56 AM

We have a requirement to upgrade mongo DB to version 4.2 or later. 

Can you please let me know what's the version of mongo DB used in Splunk 8.2.5. 

If its not 4.2 or later, can you please let me know if mongo DB can be upgraded separately.

Will Splunk have any issues if Mongo DB upgrade is done. 

Labels (2)
0 Karma
Reply

amartin6
Path Finder
‎09-07-2022 07:40 AM

We upgraded Splunk Enterprise version 9.0.0 from 8.2.5 and it did the upgrade of mongodb as part of the upgrade process, make sure you have enough disk space.  You can also do the upgrade beforehand.  If you are on version 3.6 it will do a hop to 4.0 before the final upgrade to 4.2.  Check the version in use here: splunk show kvstore-status --verbose |grep serverVersion.  It freed up tons of disk space for us after the upgrade, helps a lot if you have large kvstores.

Reply

Dipesh
Explorer
‎08-30-2022 01:27 PM

I had a similar finding for my splunk environment. 

Looks like the latest version 9.0.1 has an update from Mongo3.6 to 4.2.

Here is the readme. http://docs.splunk.com/Documentation/Splunk/9.0.1/Installation/AboutupgradingREADTHISFIRST

 

- Dipesh

0 Karma
Reply

amartin6
Path Finder
‎06-15-2022 10:58 AM

I ran this on a vanilla 8.2.5 system:
[splunk~]$ splunk cmd mongod -version
db version v3.6.17-linux-splunk-v4
git version: 226949cc252af265483afbf859b446590b09b098
OpenSSL version: OpenSSL 1.0.2za-fips 24 Aug 2021
allocator: tcmalloc
modules: none
build environment:
distarch: x86_64
target_arch: x86_64
[splunk~]$

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎04-08-2022 10:19 AM

Run $SPLUNK_HOME/bin/mongod --version to get the mongo DB version.

While it might be possible to upgrade the included version of mongo, I strongly advise against it.  We don't know how customized the shipped version is so any upgrade you make may not work (or worse).  Plus, Splunk Support is likely to disavow any such changes.

Consider going to https://ideas.splunk.com to make a case for an updated version of mongo DB.

---
If this reply helps you, Karma would be appreciated.
Reply
Get Updates on the Splunk Community!

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...