Solved: Upgrade from 9.1.3 to 9.2.2

dude49 · ‎09-30-2024

I did a recent upgrade of Splunk, but now notice my clients are not phoning in for some reason. This is my first upgrade in production environment, any help troubleshooting would be great. I still see my client configs on the backend but not sure why they are not reporting on the GUI.

isoutamo · ‎09-30-2024

Hi

there have been major update how DS is working on 9.2. There are several threads in community where this is discussed. But basically these describe change and how to fix it.

https://docs.splunk.com/Documentation/Splunk/9.3.1/Updating/Upgradepre-9.2deploymentservers
https://community.splunk.com/t5/Splunk-Enterprise/After-upgrading-my-DS-to-Enterprise-9-2-2-clients-... (explanation later in this article, not se link to splunk.my.site.com)

r. Ismo

View solution in original post

isoutamo · ‎09-30-2024

Hi

there have been major update how DS is working on 9.2. There are several threads in community where this is discussed. But basically these describe change and how to fix it.

https://docs.splunk.com/Documentation/Splunk/9.3.1/Updating/Upgradepre-9.2deploymentservers
https://community.splunk.com/t5/Splunk-Enterprise/After-upgrading-my-DS-to-Enterprise-9-2-2-clients-... (explanation later in this article, not se link to splunk.my.site.com)

r. Ismo

dude49 · ‎09-30-2024

Thanks this fixed the issue, added the stanza [indexAndForward] and they all popped right backup after the restart. Beautiful!!!!

Upgrade from 9.1.3 to 9.2.2

upgrade

Accelerating Observability as Code with the Splunk AI Assistant

Splunk Search APIを使えば調査過程が残せます

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

Join the Conversation

Upgrade from 9.1.3 to 9.2.2

upgrade

Accelerating Observability as Code with the Splunk AI Assistant

Splunk Search APIを使えば調査過程が残せます

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...