Hi Team,
Recently we got an email from Splunk Support with the subject "Splunk Enterprise Advisories - May 2022". When I checked the email, I could see around 8 advisories mentioned for Splunk Enterprise, and they have also mentioned that Splunk Cloud won't be impacted. In our environment we have 4 Splunk HF servers and 1 Deployment master server, which are running Splunk Enterprise instances.
Reference Link:
Our servers are running Splunk Enterprise versions Splunk 8.1.2 (build 545206cc9f70) and Splunk 8.1.3 (build 63079c59e632) respectively.
So is it mandatory to upgrade our HF and DM servers to the latest version, i.e. from 8.1.2 or 8.1.3 to 8.2.6?
Or do we have any workaround to address the gaps?
Also, we are currently running 8.1.2 or 8.1.3, so can I upgrade them directly to version 8.2.6? Will there be any changes? Best recommendations?
So if we upgrade them to the latest version, will it fix all the security vulnerability issues?
Also, should they (our HF and DM servers) be upgraded immediately, or can we perform the upgrade in a month or so?
Kindly help on the same.
Since this is just an advisory, upgrades are recommended, but not mandatory. If you choose to not upgrade, however, you also choose to live with the vulnerabilities. There may or may not be workarounds - you'd have to read the details for each vulnerability to determine that.
Upgrading the software should fix the reported vulnerabilities. It very likely will not fix unknown vulnerabilities.
You can upgrade in your own time.
Thank you for your detailed information.
So from our current version 8.1 or 8.2, can we upgrade our systems directly to the latest version 8.2.6, or do we need to upgrade to 8.2.0 and then to 8.2.6, or something like that?
FYI, our Splunk search heads are hosted in Cloud and are running 8.2.2202.1.
If I recall correctly, there are no interim steps needed for that upgrade, but the Release Notes will confirm that.