Splunk Enterprise

Upgrade Splunk Enterprise from 9.0.0 to 9.0.7

AL3Z
Builder

Hi,

We need to upgrade our Splunk Enterprise from version 9.0.0 to 9.0.7 on the Deployment Server. Can someone please provide me with the steps required to perform this upgrade?

I also need guidance on what needs to be backed up before executing this upgrade. Additionally, could you provide an estimation of the time required to complete this upgrade process?

what about the time to complete these upgrade ?

Labels (2)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

Splunk has documentation on this subject.  See https://docs.splunk.com/Documentation/Splunk/9.0.7/Installation/HowtoupgradeSplunk

---
If this reply helps you, Karma would be appreciated.
0 Karma

isoutamo
SplunkTrust
SplunkTrust
0 Karma

AL3Z
Builder

Can we install as a root ?

0 Karma

isoutamo
SplunkTrust
SplunkTrust

Yes you should install it as you are root user, but then you should chown it as splunk (or other non root user). Then enable it start as that user.

richgalloway
SplunkTrust
SplunkTrust

Yes, but it is not recommended.

---
If this reply helps you, Karma would be appreciated.
0 Karma

AL3Z
Builder

@richgalloway ,

What will happen ? how do we install then ?

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Nothing will happen.  Splunk will run just fine when installed as root.  Doing so, however, is not a good security practice.  Everything Splunk does will be as root - including any unknown vulnerabilities.  User scripts will run as root, which means they have the potential to cause great harm to the system.

Install Splunk as a normal user.  User "splunk" is common.  If it's necessary to install using root (when using rpm files, for instance), then use the chown command to give ownership to 'splunk' afterwards.

---
If this reply helps you, Karma would be appreciated.

AL3Z
Builder

@richgalloway ,

I'm aiming to upgrade my Splunk Enterprise on the deployment server, but I'm uncertain whether it's configured as standalone or distributed. How can we verify this and proceed with the upgrade accordingly? Additionally, does the upgrade process differ between standalone and distributed setups?

0 Karma

richgalloway
SplunkTrust
SplunkTrust

The process for upgrading standalone and distributed Splunk installation is the same.  For distributed environments, there is a prescribed upgrade order.  See https://docs.splunk.com/Documentation/Splunk/9.1.2/Installation/HowtoupgradeSplunk and https://docs.splunk.com/Documentation/Splunk/9.1.2/Installation/UpgradeyourdistributedSplunkEnterpri...

---
If this reply helps you, Karma would be appreciated.
0 Karma

AL3Z
Builder

@isoutamo @richgalloway ,

Unable to access the backend for the splunk through putty netwotk is not allowing me to connect what could be the cause?

0 Karma

richgalloway
SplunkTrust
SplunkTrust

That should be a new question.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Monitoring Postgres with OpenTelemetry

Behind every business-critical application, you’ll find databases. These behind-the-scenes stores power ...

Mastering Synthetic Browser Testing: Pro Tips to Keep Your Web App Running Smoothly

To start, if you're new to synthetic monitoring, I recommend exploring this synthetic monitoring overview. In ...

Splunk Edge Processor | Popular Use Cases to Get Started with Edge Processor

Splunk Edge Processor offers more efficient, flexible data transformation – helping you reduce noise, control ...