Migration from version 3 to version 5

antatzen · ‎07-30-2013

Hi,

I'm currently running a very old version 3.4.9 of splunk on an old server that appears to be on its last legs.

This version currently houses some historical data that we would prefer to keep when we do a migration to the latest version of 5.0.4.

To complicate matters we will be jumping from an old windows box ( 32 bit ) to a new Linux box ( it will likely be 32 bit too and a VM )

Is it possible to migrate directly from 3 to 5?
If it is possible would it be a case of copying the existing data from the old splunk to the new ?

The new version 5 is basically a brand new installation, has no data in it and has had the license mode flipped from trial to free.

mloven_splunk · ‎07-30-2013

It's recommended to upgrade to 4.2 first, then from 4.2 to 5.x.

See here:

As you said, the Windows to Linux migration complicates things... If it were me, I think I'd upgrade your existing installation to 4.2, then to 5, and then migrate your data/knowledge over to a new Linux install.

You may be able to get away with just migrating your stuff over from your 3.x install to a new 5.x install, but there have been enough changes in the two major revisions that you'd probably be chasing errors for a while.

Migration from version 3 to version 5

Introducing the 2024 SplunkTrust!

Introducing the 2024 Splunk MVPs!

Splunk Custom Visualizations App End of Life