upgrade steps for clustered environment 7.3.3 to 8.1.2


I am preparing to upgrade a distributed and clustered Splunk Enterprise install from 7.3.3 to 8.1.2, but the install guides are not clear for the correct method.

My current plan is to upgrade in the following order:

Deployment Servers (primary and standby)

Cluster Masters / License Masters (primary and standby)

Search Head cluster

2-site Indexer cluster

and afterward, all the HFs and UFs (many of each).


Where I'm not clear is the SH/IDX process.

SH: rolling or all at once?

IDX: one site at a time, or all at once?

I have found documentation that says we can do rolling upgrade of SH's, and can do IDX's one site at a time, but other documentation that implies I have to do all SH and IDX in one big hit (because 7.3.3 > 8.1.2 is more than a single version jump). My colleagues are in conflict which is correct.

Any clues to the real answer here?

Thanks for any help.

Labels (1)
0 Karma
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!