Installation

What’s the path of upgrading from 7.3.3 with ES and ITSI to 8.0?

danielbb
Motivator

We would like to upgrade from 7.3.3 to 8.0, having ITSI and ES. How should we go about it?

Labels (1)
Tags (4)
0 Karma

esnyder_splunk
Splunk Employee
Splunk Employee

Note that 8.0 is the Python 3 release of Splunk. Whether you want to use Python 2 or 3, the order of operations and the appropriate versions of apps and add-ons are more rigid than usual. Full instructions for all upgrade scenarios with ITSI are covered here: Python 3 migration with ITSI.

Note the following:
- ITSI version 4.4.x is completely Python 2/3 compatible.
- Splunk Enterprise Security version 6.0 is compatible with Splunk Enterprise version 8.0, though it currently requires the Python 2 interpreter that ships with Splunk Enterprise 8.0.

Your upgrade path depends on whether or not you want to use Python 2 or Python 3. Regardless, because of the Python 3 migration changes, you MUST upgrade ITSI before you upgrade Splunk Enterprise, or else ITSI breaks.

Note: ITSI 4.4.x is the only version that's compatible with Splunk Enterprise version 8.0.x. See the Splunk products version compatibility matrix for more information.

A more complete manual for Python 3 migration with all premium apps (including ITSI and ES) is available in the Splunk Enterprise Python 3 Migration manual: https://docs.splunk.com/Documentation/Splunk/latest/Python3Migration/AboutMigration

0 Karma
Get Updates on the Splunk Community!

Observability Highlights | November 2022 Newsletter

 November 2022Observability CloudEnd Of Support Extension for SignalFx Smart AgentSplunk is extending the End ...

Avoid Certificate Expiry Issues in Splunk Enterprise with Certificate Assist

This blog post is part 2 of 4 of a series on Splunk Assist. Click the links below to see the other ...

Using Machine Learning for Hunting Security Threats

REGISTER NOW Seeing the exponential hike in global cyber threat spectrum, organizations are now striving more ...