I've inherited a Splunk environment with many apps installed and some require upgrading.
Example:
I need to upgrade the Splunk Website Monitoring app from version 1.6 to 2.7.0 (current latest version).
I've searched on answers.splunk.com for how to upgrade Splunk apps, but all I could find is:
1..) In the case of the *nix app on my instance, I chose overwrite with 4.2.0 from the splunk -> manager -> apps window.
I can't find how to do this from the Splunk apps web interface. There's no obvious upgrade form, or place to "overwrite" the app.
2..) Helped me to get rid of "unix-all-logs" eventtypes:
1) move "unix" app from folder etc/apps
2) restart splunk
3) copy "unix" app back to etc/apps folder
4) restart splunk
Simply deleting the old app, and copying over the new app will results in the loss of all the currently defined inputs (of which there are currently over 300).
Is there some decent documentation on how to upgrade Splunk apps, and/or Website Monitoring in particular? I'm also concerned that the web UI shows more apps than I can currently find in the local/inputs.conf, leading me to believe these apps are defined elsewhere, and I don't want to lose my inputs if I upgrade.
Thank you
... View more