How to do regression testing before and after an u...

Splunk Search

Hi,

My team will be performing an upgrade from Splunk Cloud. We need to understand how all of our artifact types change before and after the upgrade: Lookup Tables, Macros, datamodels, saved searches, etc. Therefore, we are implementing the following process.

1. Pre-upgrade - create a rest based search of all artifacts and pipe it to a LUT

 | rest /servicesNS/-/-/admin/macros count=0 splunk_server=local |outputlookup acc_macro_schema.csv

2. Post-upgrade - create a search that compares all fields in the new rest based search to the information in the pre-upgrade lookup table and only returns the field values of an artifact that has changed post-upgrade. See beginning of query below

| rest /servicesNS/-/-/admin/macros count=0 splunk_server=local
| eval test_source="After"
| append [
| inputlookup acc_macro_schema_test.csv
| eval test_source="Before"]

Has anyone created a search to accomplish this goal?

Get Updates on the Splunk Community!

How to do regression testing before and after an upgrade from Splunk Cloud?

lookup

table

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms