Splunk Enterprise
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Upgrade from Splunk 7.2.4.2 to 9.1

mark71
Engager
‎02-05-2024 01:04 AM

Hi.

I have to upgrade a splunk environment from Splunk 7.2.4.2 to 9.1. I don't have the option to migrate to a new cluster. The upgrade readiness app is not available for our current version. I know I need to go 7 to 8 and then to 9. In the order of Cluster Master/Indexer Peers..../Search Peers/Deployer/Deployment/UF's and HF's. Can anyone offer any input on what may catch me out in the process?

 

Thanks

 

Labels (1)
Labels
0 Karma
Reply

Richfez
SplunkTrust
SplunkTrust
‎02-05-2024 07:16 AM

First, A couple of links that you should probably have around.  This is a great flowchart for the whole pile o' stuff to do around and upgrade.

https://community.splunk.com/t5/Installation/What-s-the-order-of-operations-for-upgrading-Splunk-Ent...

And of course the official docs

https://docs.splunk.com/Documentation/Splunk/latest/Installation/HowtoupgradeSplunk

And there are a few gotchas with the upgrades you'll have to go through. 

While we don't know all the problems you'll have in your environment, the big ones that I'm aware of that you'll have to address is the upgrade to Python3 and the migration of kvstore to wired tiger

The former is documented here: https://docs.splunk.com/Documentation/Splunk/9.0.0/Installation/AboutupgradingREADTHISFIRST

The latter is found in here, though I think it doesn't make it prominent enough - https://docs.splunk.com/Documentation/Splunk/9.0.0/Installation/AboutupgradingREADTHISFIRST

(It ends up pointing you to here: https://docs.splunk.com/Documentation/Splunk/9.0.0/Admin/MigrateKVstore)

There may be others, you should read through the About Upgrading docs for each version with an eye on your environment and how it's set up.  For instance, here's the one for the 8.1.14 upgrade.  https://docs.splunk.com/Documentation/Splunk/8.1.14/Installation/HowtoupgradeSplunk

I know, it seems boring.  But doing so will pay off in the end!

 

Happy Splunking!

-Richfez

 

 

 

Reply

isoutamo
SplunkTrust
SplunkTrust
‎02-05-2024 07:00 AM

Hi

I think that most important for you is check that all your apps etc. works with Python3 and fulfil other requirements which have come with 8.x and also on 9.x.  I suppose that you have several apps and TAs which you must/should update to the latest suitable versions. At least some of those need to update 1st to 8 than after update Splunk to 8.x then you can update those into latest version. One issue could be found versions which are working with Splunk 8.x as splunkbase don't have all versions and especially to found documentation which told how you should upgrade those (e.g. DBX etc.)!

I propose that after you have upgraded to 8.x then use upgrade readiness app to check that everything is ok and fix what is needed!

I suppose that you have already read this https://lantern.splunk.com/Splunk_Platform/Product_Tips/Upgrades_and_Migration/Upgrading_the_Splunk_...

For UFs I think that you can update those after you have updated to 9.1.x. Depending on your UF version you probably need to update those with several steps if needed?

r. Ismo

Reply

mark71
Engager
‎02-08-2024 10:31 AM

Thanks for the feedback. I have read the link you provided and feel more confident about the upgrade.

 

Thanks

 

 

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...