Greetings!!!
How to updrade from 5.3.0 to SPlunk Enterprise Security version 7.0,
I am having splunk enterprise 7.2.6,
Kindly advise & guide me how can i upgrade it?
Thank you in advance!
There's an entire manual devoted to upgrading ES. See https://docs.splunk.com/Documentation/ES/7.0.0/Install/Overview . To upgrade ES 5.x you will have to upgrade Splunk Enterprise as well. See the compatibility matrix at https://docs.splunk.com/Documentation/VersionCompatibility/current/Matrix/CompatMatrix to see which version of Splunk you'll need.
Your splunk enterprise version should be on atleast 8.1 to upgrade to 7.0 ES app version. Splunk Enterprise version 7.0 is no longer supported as of October 23, 2019. Splunk Enterprise version 7.1 is no longer supported as of October 31, 2020.
If you have PS support, they will guide you on upgrade steps. We faced few critical issues during upgrade from 7.x to 8.x. please refer the "Known issues" listed by splunk which would help you in for a successful upgrade. Pls don't rush in, plan the upgrade well and do it. Otherwise, it may cause production issues.
https://docs.splunk.com/Documentation/Splunk/8.2.4/ReleaseNotes/KnownIssues
Let me know if you need any further help in this regard. Thank you.
Thank you @kkrises for your advice and guidance,
When I have downloaded the version of Splunk ES https://splunkbase.splunk.com/app/xxx/,
is this enough to upgrade splunk ES to 7.0.0 and Splunk Enterprise version 8.1.x- 8.2.4)????
or I have to also download other one for Splunk Enterprise version 8.1.x to 8.2.4 ?????
Another question, what command to use in CLI or use GUI to upgrade after getting upgrade version file splunk-enterprise-security_700.spl ???
Kindly help me, how to upgrate it after getting this upgrade version file?
Thank you in advance
There's an entire manual devoted to upgrading ES. See https://docs.splunk.com/Documentation/ES/7.0.0/Install/Overview . To upgrade ES 5.x you will have to upgrade Splunk Enterprise as well. See the compatibility matrix at https://docs.splunk.com/Documentation/VersionCompatibility/current/Matrix/CompatMatrix to see which version of Splunk you'll need.
@Thank you dear @richgalloway for your guidance,
The only problem, I still have, I have seen splunk ES has various versions of Splunk enterprise that is compatible to splunk ES v 7.0.0
- May you help me how i can upgrade splunk enterprise to the latest one which is 8.2.4 and Splunk ES to 7.00,
is it possible to upgrade splunk enterprise from 7.2.6 to 8.2.4 ????
also possible to upgrade splunk ES from 5.3.0 to 7.0.0 ????
If possible may you please guide me how to upgrade them, what are the requirements???
Kindly help me on this cause in the documents is little bit confused, i don't well understand this,
Thank you in advance.
Yes, it is possible to upgrade from 7.2.6 to 8.2.4, but that can be a breaking change. All of your apps must be compatible with Python 3 to install Splunk 8. Run the Upgrade Readiness app (https://splunkbase.splunk.com/app/5483/) to see if your apps are ready. As with any upgrade, you'll want to read the Release Notes for the version you're installing as well as each intervening version to see if there are changes that affect your environment. The Release Notes may call for special steps you must take to upgrade to that version
Likewise for Splunk ES. Check the Release Notes and Upgrade Instructions for each version to see which steps must be performed.
Detailed steps are too extensive for this forum and are something for which Splunk often recommends engaging Professional Services. PS can advise the best upgrade process for your environment.