Anything in particular we should watch out for while upgrading the SplunkApp for EnterpriseSecurityinasearchheadcluster?
We'll be upgrading ES from 3.2.1 to 3.3 ina few weeks. We've r...
...pplying searchheadcluster bundle.
I use this command to upgradeSplunkEnterpriseSecurity:
$SPLUNK_HOME/bin/splunkapply shcluster-bundle -preserve-lookups true -target https://instance1:8...
Currently looking to upgrade from Splunk 6.3.1 to Splunk 6.4. We run a multi-sited Clustered environment with EnterpriseSecurity 4.0.
Before upgrading I'd like to know if we are still required t...
...anagement, but for both SH cluster members, this screen is blank. SplunkEnterprise version is 6.5.0. Earlier, with ES 4.1.2, we were able to load the correlations on both members.
Is this by d...
...or both prod and test environment • SearchHead running EnterpriseSecurity
We currently have a few caveats in the environment that will affect our upgrade. We cannot upgradeEnterpriseSecurity f...
...ollowing the normal procedure for any SplunkEnterpriseupgrade, as described in How to upgradeSplunkEnterprisein the Installation Manual.
If the searchheads in the indexer clusterare members of a...
...owards: Running at least two instances of SplunkEnterprise, so that we have redundancy and load balancing and can transparently upgrade The instances would not have any indexer or searchhead f...
Hi,
I am trying to simulate aclusterenvironment for the SplunkApp for EnterpriseSecurity. The setup is:
-Two Indexers inacluster with Rep Factor =2 , search factor=2
-One searchhead f...
SplunkEnterpriseSecurity is deployed to aSearchHeadCluster, along with a bunch of applicable TAs. Deployments are pushed via the deployer (always using the "-preserve-lookups true" option to k...