Splunk Enterprise

Potential Impact of Upgrading Splunk Enterprise to 9.1.4 on Windows Server 2016 in distributed Splunk environment

Polarbear
Engager

Hello everyone,

We are currently running Splunk Enterprise version 9.0.6 on a Windows Server 2016 machine as part of a distributed Splunk environment. Due to compliance requirements, we need to upgrade to at least version 9.1.4. However, Splunk Enterprise 9.1.4 officially lists Windows Server 2019 as a prerequisite.

I have tested the upgrade in our lab environment on Windows Server 2016, and it appears to work without any immediate issues. Despite this, I am concerned about potential unforeseen impacts or compatibility problems since the official documentation recommends Windows Server 2019.

Additionally, our OS team has advised that upgrading the OS from Windows Server 2016 to 2019 could potentially corrupt the servers, necessitating a rebuild. My boss is understandably reluctant to take this risk, especially since the current server is planned for retirement by the end of this year.

Has anyone else performed a similar upgrade on Windows Server 2016 within a distributed Splunk environment? Are there any known issues or potential risks we should be aware of? Any insights or experiences would be greatly appreciated.

Labels (1)
0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...