Getting this error via UI upgrade to Splunk 7.1: Invalid message type: 28
We're on version 9.0.4. Previous upgrade work without this error using the UI.
We deleted the /tmp to clear for the upgrade after failure. Did the CLI upgrade instead based on the documentation.
Upgrade Splunk Enterprise Security - Splunk Documentation
./splunk install app <path to app> -update 1 -auth <username>:<password>
Then we went the UI portion to finish the configuration. Watch the usual logs. Restarted the web UI.
We deleted the /tmp to clear for the upgrade after failure. Did the CLI upgrade instead based on the documentation.
Upgrade Splunk Enterprise Security - Splunk Documentation
./splunk install app <path to app> -update 1 -auth <username>:<password>
Then we went the UI portion to finish the configuration. Watch the usual logs. Restarted the web UI.
I just noticed the same type-28 error. Before this occurred, were getting a "500 Internal Server" error. We are on Splunk 9.0.5
Waiting to hear back from Splunk support if they can resolve the UI install issue with ES 7.1.1