Does anyone have a splunk build number to splunk version number table of some sort? I'm looking at building a view for deployment information from the DeploymentMetrics
events. Unfortunately, these events contain a build
field but not the version of splunk.
Does anyone know of any existing table with this information?
I would prefer not to have to go coble it all together myself, if I don't have to. (I could parse the info out of my downloaded splunk installers, but that's a pain). If some one has this list in CSV format would be great, since my goal is to put this into a lookup table.
You can easily check the splunk.com/download page and view the older releases for your OS. The release number is embedded in the name of the download file along with the version. I've cut and pasted most versions for Linux 64 bit (note that they might slightly differ per platform):
splunk-4.1-77833-linux-2.6-x86_64.rpm
splunk-4.0.10-77146-linux-2.6-x86_64.rpm
splunk-4.0.9-74233-linux-2.6-x86_64.rpm
splunk-4.0.8-73243-linux-2.6-x86_64.rpm
splunk-4.0.7-72459-linux-2.6-x86_64.rpm
splunk-4.0.6-70313-linux-2.6-x86_64.rpm
splunk-4.0.5-69401-linux-2.6-x86_64.rpm
splunk-4.0.4-67724-linux-2.6-x86_64.rpm
splunk-4.0.3-65638-linux-2.6-x86_64.rpm
splunk-4.0.2-64889-linux-2.6-x86_64.rpm
splunk-4.0.1-64658-linux-2.6-x86_64.rpm
splunk-3.4.13-75215-linux-2.6-x86_64.rpm
splunk-3.4.12-69236-linux-2.6-x86_64.rpm
splunk-3.4.11-65313-linux-2.6-x86_64.rpm
splunk-3.4.10-60883-linux-2.6-x86_64.rpm
splunk-3.4.9-57762-linux-2.6-x86_64.rpm
splunk-3.4.8-54309-linux-2.6-x86_64.rpm
splunk-3.4.6-51113-linux-2.6-x86_64.rpm
splunk-3.4.5-47883-linux-2.6-x86_64.rpm
splunk-3.4.3-46779-linux-2.6-x86_64.rpm
splunk-3.4.2-46047-linux-2.6-x86_64.rpm
splunk-3.4.1-45588-linux-2.6-x86_64.rpm
splunk-3.4-44873-linux-2.6-x86_64.rpm
splunk-3.3.4-43000-linux-2.6-x86_64.rpm
splunk-3.3.3-42717-linux-2.6-x86_64.rpm
splunk-3.3.2-41320-linux-2.6-x86_64.rpm
splunk-3.3.1-39933-linux-2.6-x86_64.rpm
splunk-3.3-38914-linux-2.6-x86_64.rpm
splunk-3.2.6-38259-linux-2.6-x86_64.rpm
splunk-3.2.5-38160-linux-2.6-x86_64.rpm
splunk-3.2.4-37025-linux-2.6-x86_64.rpm
splunk-3.2.3-35555-linux-2.6-x86_64.rpm
splunk-3.2.2-34603-linux-2.6-x86_64.rpm
splunk-3.2.1-34291-linux-2.6-x86_64.rpm
splunk-3.2-33572-linux-2.6-x86_64.rpm
splunk-3.1.5-31521-linux-2.6-x86_64.rpm
splunk-3.1.4-30364-linux-2.6-x86_64.rpm
splunk-3.1.3-28524-linux-2.6-x86_64.rpm
splunk-3.1.2-28096-linux-2.6-x86_64.rpm
splunk-3.1.1-27147-linux-2.6-x86_64.rpm
splunk-3.1-26228-linux-2.6-x86_64.rpm
splunk-3.0.2-24828-linux-2.6-x86_64.rpm
splunk-3.0.1-24078-linux-2.6-x86_64.rpm
splunk-3.0-23043-linux-2.6-x86_64.rpm
Yeah, the version number and build in a single log message at startup time would be helpful too. 😉
This points to: we should really just add the version number to the boot up information.
Here is a little script to extract version info from splunk's download web pages. For anyone who is interested.
#!/usr/bin/python
""" Simple little script to build a list of splunks build and version numbers
pulled from the 'previous download' page on Splunk's main web page.
"""
import os, sys, re, csv, urllib2
webpage_urls = [
"http://www.splunk.com/downloads",
"http://www.splunk.com/page/previous_releases"
]
# Be sure to set this to an appropriate path on your system.
#outfile = os.path.join(os.environ["SPLUNK_HOME"], "etc", "system", "lookups", "splunk_builds.csv")
outfile = "splunk_builds.csv"
splunk_splitter = re.compile(r'\bsplunk-\d+\.\d+(?:\.\d+)?-\d+-[\w._-]+\.(?:tgz|rpm|deb|msi|pkg\.Z|tar\.Z|bin)\b')
splunk_re = re.compile(r'^splunk-(?P<version>\d+\.\d+(?:\.\d+)?)-(?P<build>\d+)-(?P<platform>[\w._-]+)\.(?P<ext>tgz|rpm|deb|msi|pkg\.Z|tar\.Z|bin)')
def extract_version(url):
fp = urllib2.urlopen(url)
content = fp.read()
for txt in splunk_splitter.findall(content):
d = splunk_re.match(txt).groupdict()
if d["ext"] == "msi":
d["platform"] = d["platform"].replace("release", "windows")
yield d
results = {}
for url in webpage_urls:
for gd in extract_version(url):
k = (int(gd["build"]), gd["version"])
platform = gd["platform"]
if k in results:
results[k].add(platform)
else:
results[k] = set([platform])
o = csv.writer(open(outfile, "w"))
o.writerow(("build", "version", "platforms"))
for key in sorted(results.keys()):
platform = results[key]
print key[0], key[1]
o.writerow( (key[0], key[1], ";".join(platform)) )
transforms.conf
:
[splunkbuild]
filename = splunk_builds.csv
Then you can do a search like:
index=_internal sourcetype=splunkd loader "Splunkd starting" | rex "build (?<build>\d+)" | lookup splunkbuild build OUTPUT version
for those of you wondering why this doesn't work when you copy and paste it's because the answers regex have had the backslashes removed when it was posted. Put a backslah before the . and b and w in the regexes and it will work once properly indented.
You can easily check the splunk.com/download page and view the older releases for your OS. The release number is embedded in the name of the download file along with the version. I've cut and pasted most versions for Linux 64 bit (note that they might slightly differ per platform):
splunk-4.1-77833-linux-2.6-x86_64.rpm
splunk-4.0.10-77146-linux-2.6-x86_64.rpm
splunk-4.0.9-74233-linux-2.6-x86_64.rpm
splunk-4.0.8-73243-linux-2.6-x86_64.rpm
splunk-4.0.7-72459-linux-2.6-x86_64.rpm
splunk-4.0.6-70313-linux-2.6-x86_64.rpm
splunk-4.0.5-69401-linux-2.6-x86_64.rpm
splunk-4.0.4-67724-linux-2.6-x86_64.rpm
splunk-4.0.3-65638-linux-2.6-x86_64.rpm
splunk-4.0.2-64889-linux-2.6-x86_64.rpm
splunk-4.0.1-64658-linux-2.6-x86_64.rpm
splunk-3.4.13-75215-linux-2.6-x86_64.rpm
splunk-3.4.12-69236-linux-2.6-x86_64.rpm
splunk-3.4.11-65313-linux-2.6-x86_64.rpm
splunk-3.4.10-60883-linux-2.6-x86_64.rpm
splunk-3.4.9-57762-linux-2.6-x86_64.rpm
splunk-3.4.8-54309-linux-2.6-x86_64.rpm
splunk-3.4.6-51113-linux-2.6-x86_64.rpm
splunk-3.4.5-47883-linux-2.6-x86_64.rpm
splunk-3.4.3-46779-linux-2.6-x86_64.rpm
splunk-3.4.2-46047-linux-2.6-x86_64.rpm
splunk-3.4.1-45588-linux-2.6-x86_64.rpm
splunk-3.4-44873-linux-2.6-x86_64.rpm
splunk-3.3.4-43000-linux-2.6-x86_64.rpm
splunk-3.3.3-42717-linux-2.6-x86_64.rpm
splunk-3.3.2-41320-linux-2.6-x86_64.rpm
splunk-3.3.1-39933-linux-2.6-x86_64.rpm
splunk-3.3-38914-linux-2.6-x86_64.rpm
splunk-3.2.6-38259-linux-2.6-x86_64.rpm
splunk-3.2.5-38160-linux-2.6-x86_64.rpm
splunk-3.2.4-37025-linux-2.6-x86_64.rpm
splunk-3.2.3-35555-linux-2.6-x86_64.rpm
splunk-3.2.2-34603-linux-2.6-x86_64.rpm
splunk-3.2.1-34291-linux-2.6-x86_64.rpm
splunk-3.2-33572-linux-2.6-x86_64.rpm
splunk-3.1.5-31521-linux-2.6-x86_64.rpm
splunk-3.1.4-30364-linux-2.6-x86_64.rpm
splunk-3.1.3-28524-linux-2.6-x86_64.rpm
splunk-3.1.2-28096-linux-2.6-x86_64.rpm
splunk-3.1.1-27147-linux-2.6-x86_64.rpm
splunk-3.1-26228-linux-2.6-x86_64.rpm
splunk-3.0.2-24828-linux-2.6-x86_64.rpm
splunk-3.0.1-24078-linux-2.6-x86_64.rpm
splunk-3.0-23043-linux-2.6-x86_64.rpm