Potential Impact of Upgrading Splunk Enterprise to...

Polarbear · ‎06-13-2024

Hello everyone,

We are currently running Splunk Enterprise version 9.0.6 on a Windows Server 2016 machine as part of a distributed Splunk environment. Due to compliance requirements, we need to upgrade to at least version 9.1.4. However, Splunk Enterprise 9.1.4 officially lists Windows Server 2019 as a prerequisite.

I have tested the upgrade in our lab environment on Windows Server 2016, and it appears to work without any immediate issues. Despite this, I am concerned about potential unforeseen impacts or compatibility problems since the official documentation recommends Windows Server 2019.

Additionally, our OS team has advised that upgrading the OS from Windows Server 2016 to 2019 could potentially corrupt the servers, necessitating a rebuild. My boss is understandably reluctant to take this risk, especially since the current server is planned for retirement by the end of this year.

Has anyone else performed a similar upgrade on Windows Server 2016 within a distributed Splunk environment? Are there any known issues or potential risks we should be aware of? Any insights or experiences would be greatly appreciated.

Potential Impact of Upgrading Splunk Enterprise to 9.1.4 on Windows Server 2016 in distributed Splunk environment

upgrade

Transform your security operations with Splunk Enterprise Security

Splunk Admins and App Developers | Earn a $35 gift card!

Enterprise Security Content Update (ESCU) | New Releases