Hi,
We need to upgrade our Splunk Enterprise from version 9.0.0 to 9.0.7 on the Deployment Server. Can someone please provide me with the steps required to perform this upgrade?
I also need guidance on what needs to be backed up before executing this upgrade. Additionally, could you provide an estimation of the time required to complete this upgrade process?
What about the time to complete this upgrade?
Splunk has documentation on this subject. See https://docs.splunk.com/Documentation/Splunk/9.0.7/Installation/HowtoupgradeSplunk
And a little bit more about this: https://lantern.splunk.com/Splunk_Platform/Product_Tips/Upgrades_and_Migration/Upgrading_the_Splunk_...
Can we install as root?
Yes, you should install it as the root user, but then you should chown it to splunk (or another non-root user). Then enable it to start as that user.
Yes, but it is not recommended.
What will happen? How do we install then?
Nothing will happen. Splunk will run just fine when installed as root. Doing so, however, is not a good security practice. Everything Splunk does will be as root - including any unknown vulnerabilities. User scripts will run as root, which means they have the potential to cause great harm to the system.
Install Splunk as a normal user. User "splunk" is common. If it's necessary to install using root (when using rpm files, for instance), then use the chown command to give ownership to 'splunk' afterwards.
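Added example, not part of the thread and not Splunk's own tooling: a shell check to run after an install or upgrade done as root, confirming that ownership and the configured service account match the non-root user recommended above. The install path and account name are assumptions supplied by the caller (for example `/opt/splunk` and `splunk`); the function names are made up for this example.

```shell
#!/usr/bin/env bash
# Added example: audit a Splunk install for the run-as-root problem.
# Install path and account name are assumptions passed in by the caller.

# Print every path under $1 that is NOT owned by user $2 (name or numeric uid).
find_foreign_owned() {
    find "$1" ! -user "$2" -print 2>/dev/null
}

# Print the SPLUNK_OS_USER value from a splunk-launch.conf ($1), if set.
launch_conf_user() {
    [ -r "$1" ] || return 0
    sed -n 's/^[[:space:]]*SPLUNK_OS_USER[[:space:]]*=[[:space:]]*\([^[:space:]#]*\).*$/\1/p' "$1" | tail -n 1
}

# Print the owner of a running splunkd process, or nothing if none is running.
splunkd_owner() {
    ps -eo user=,comm= 2>/dev/null | awk '$2 == "splunkd" { print $1; exit }'
}

# Return 0 when the install at $1 is owned by, and configured for, user $2.
audit_splunk_home() {
    home=$1 user=$2 rc=0
    conf_user=$(launch_conf_user "$home/etc/splunk-launch.conf")
    if [ -z "$conf_user" ]; then
        echo "WARN: SPLUNK_OS_USER not set; a start from root would stay root"
    elif [ "$conf_user" != "$user" ]; then
        echo "FAIL: SPLUNK_OS_USER is '$conf_user', expected '$user'"; rc=1
    fi
    foreign=$(find_foreign_owned "$home" "$user" | head -n 5)
    if [ -n "$foreign" ]; then
        echo "FAIL: paths not owned by $user (first 5):"
        echo "$foreign"; rc=1
    fi
    owner=$(splunkd_owner)
    if [ -n "$owner" ] && [ "$owner" != "$user" ]; then
        echo "FAIL: splunkd is running as $owner"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK: $home is owned and configured for $user"; fi
    return "$rc"
}
```

Call it as `audit_splunk_home /opt/splunk splunk`; a non-zero return means the `chown` step or the start-as-user setting still needs attention.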
I'm aiming to upgrade my Splunk Enterprise on the deployment server, but I'm uncertain whether it's configured as standalone or distributed. How can we verify this and proceed with the upgrade accordingly? Additionally, does the upgrade process differ between standalone and distributed setups?
The process for upgrading standalone and distributed Splunk installations is the same. For distributed environments, there is a prescribed upgrade order. See https://docs.splunk.com/Documentation/Splunk/9.1.2/Installation/HowtoupgradeSplunk and https://docs.splunk.com/Documentation/Splunk/9.1.2/Installation/UpgradeyourdistributedSplunkEnterpri...
Unable to access the backend for Splunk through PuTTY; the network is not allowing me to connect. What could be the cause?
That should be a new question.