Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

upgrading to 4.3.2

mattj81
New Member
‎06-08-2012 08:27 AM

im going to be upgrading from splunk 4.2 to 4.3.2 on windows 2008 x64. ive backed up \program files\splunk\ and all its sub-folders to be safe.

can i just run the latest .msi through without any issues?

thanks!

Tags (1)
0 Karma
Reply

mattj81
New Member
‎06-13-2012 08:00 AM

apologies, shouldnt of read that so quick! can i confidentally just run the .msi through to upgrade to this version then? thanks 🙂

0 Karma
Reply

mattj81
New Member
‎06-13-2012 12:04 AM

ahh right, which version would you go to then if 4.3.2 isnt stable?

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎06-13-2012 07:57 AM

4.3.1, as jeff said in his previous answer.

0 Karma
Reply

jeff
Contributor
‎06-11-2012 09:55 AM

I'd caution you to hold off installing 4.3.2 on Windows if you intend to collect data from the Windows Event Logs. There's a known issue where Windows Event Logs are not read properly (issue SPL-51312 ; see answer 47535 for more background). Splunk and the Universal Forwarder v4.3.1 don't have this problem...

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎06-12-2012 09:19 AM

Good point there. SPL-51312 is fixed in the forthcoming 4.3.3 maintenance release.

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎06-08-2012 09:16 AM

You should definitely read About Upgrading to 4.3 READ THIS FIRST in the Installation Manual. Step-by-step instructions about performing the upgrade itself follow that topic. It's hard to answer your question specifically without knowing a little more about your Splunk deployment. You'll want to back up your indexed event data and your configuration data. There are some changes in 4.3 on Windows, like host name normalization, that you will want to be aware of. The documentation should give you what you need.

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎06-11-2012 09:30 AM

Again, it's hard to answer without knowing more. It depends on what your current setup is. Do you have scripted inputs defined in inputs.conf? Do you have searches that expect fully-qualified domain names? If something stops working after you upgrade, you can specify a host name using the "host" attribute for that particular input.

0 Karma
Reply

mattj81
New Member
‎06-11-2012 12:23 AM

thanks for the response! ive backed up everything mentioned in the document....will host name normailization break my current setup then?

0 Karma
Reply
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...