Installation
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk upgrade from 7.x to 8.x

sahabhi606
Path Finder
‎01-23-2020 11:01 PM

Dear All,

We have splunk environment consisting of :

Search head cluster (v7.33)
Index cluster (v7.0)
Deployment Server (v7.0)
Heavy Forwarders (v7.0 and v 6.6)
Deployer (v7.0)

We are planning to upgrade the environment to latest version. What should be the approach for the upgrade and what should be the sequence of upgrade. Also how can I check whether all of my installed apps are compatible with Splunk 8.x

Thanks.

Regards,
Abhi

Labels (4)
Reply
1 Solution
Solved! Jump to solution
Solution

p_gurav
Champion
‎01-23-2020 11:12 PM

Hi sahabhi606,

In terms of steps:
1. Test your apps and make sure they are compatible with 8.0 (you need to go to Splunk base and check if they are compatible)
2. Upgrade Deployment Server (disable it first, then upgrade, do not restart it yet)
3. Upgrade Search Heads
4. Upgrade Indexers (once completed you can now restart your deployment server)
5. Upgrade Forwarders

While upgrading the indexer cluster follows steps mentioned in:
https://docs.splunk.com/Documentation/Splunk/8.0.1/Indexer/Upgradeacluster

While upgrading the search cluster follows steps mentioned in:
https://docs.splunk.com/Documentation/Splunk/8.0.1/DistSearch/UpgradeaSHC

For more info:
https://docs.splunk.com/Documentation/Splunk/8.0.1/Installation/UpgradeyourdistributedSplunkEnterpri...

View solution in original post

Reply
Solved! Jump to solution
Solution

p_gurav
Champion
‎01-23-2020 11:12 PM

Hi sahabhi606,

In terms of steps:
1. Test your apps and make sure they are compatible with 8.0 (you need to go to Splunk base and check if they are compatible)
2. Upgrade Deployment Server (disable it first, then upgrade, do not restart it yet)
3. Upgrade Search Heads
4. Upgrade Indexers (once completed you can now restart your deployment server)
5. Upgrade Forwarders

While upgrading the indexer cluster follows steps mentioned in:
https://docs.splunk.com/Documentation/Splunk/8.0.1/Indexer/Upgradeacluster

While upgrading the search cluster follows steps mentioned in:
https://docs.splunk.com/Documentation/Splunk/8.0.1/DistSearch/UpgradeaSHC

For more info:
https://docs.splunk.com/Documentation/Splunk/8.0.1/Installation/UpgradeyourdistributedSplunkEnterpri...

Reply
Solved! Jump to solution

eddy_liang
Path Finder
‎12-02-2020 11:39 AM

For step 1, would looking at the app's compatibility to the upgraded version be sufficient?

0 Karma
Reply
Solved! Jump to solution

RDumbeck
Explorer
‎11-25-2020 06:43 AM

We have the same basic layout minus the heavy forwarders and all at v7.2.1  we want to go to latest as well but I need to have an idea of how long these steps will take and if there is any data modification for the new version of Splunk Enterprise.  Can you give me an idea?

1 cluster master server
1deployment master server
1deploy server  

1 multisite cluster of 3 indexers in site 1 and 2 indexers in site 2. so a total of 5 indexers.
2 search heads  in a cluster behind a load balancer

0 Karma
Reply
Get Updates on the Splunk Community!

Community Content Calendar, November Edition

Welcome to the November edition of our Community Spotlight! Each month, we dive into the Splunk Community to ...

October Community Champions: A Shoutout to Our Contributors!

As October comes to a close, we want to take a moment to celebrate the people who make the Splunk Community ...

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

What are Community Office Hours? Community Office Hours is an interactive 60-minute Zoom series where ...