Upgrade to 7.2 on UNIX
Before you upgrade
Before you upgrade, see About upgrading to 7.2: READ THIS FIRST for information on changes in the new version that can impact you if you upgrade from an existing version.
Splunk Enterprise does not provide a means of downgrading to previous versions. If you need to revert to an older Splunk release, uninstall the upgraded version and reinstall the version you want.
Back your files up
Before you perform the upgrade, back up all of your files, including Splunk Enterprise configurations, indexed data, and binaries.
For information on backing up data, see Back up indexed data in the Managing Indexers and Clusters Manual.
For information on backing up configurations, see Back up configuration information in the Admin Manual.
How upgrading works
To upgrade a Splunk Enterprise installation, you must install the new version directly on top of the old version (into the same installation directory.) When Splunk Enterprise starts after an upgrade, it detects that the files have changed and asks whether or not you want to preview the migration changes before it performs the upgrade.
If you choose to view the changes before proceeding, the upgrade script writes the proposed changes to the
Splunk Enterprise does not change your configuration until after you restart it.
Upgrade Splunk Enterprise
- Open a shell prompt on the machine that has the instance that you want to upgrade.
- Change to the
- Run the
$SPLUNK_HOME/bin/splunk stopcommand to stop the instance.
- Confirm that no other processes can automatically start Splunk Enterprise.
- To upgrade and migrate, install the Splunk Enterprise package directly over your existing deployment.
- If you use a
.tarfile, expand it into the same directory with the same ownership as your existing Splunk Enterprise instance. This overwrites and replaces matching files but does not remove unique files.
tar xzf splunk-7.x.x-<version-info>.tgz -C /splunk/parent/directory
- If you use a package manager, such as RPM, type
rpm -U splunk_package_name.rpm
- If you use a .dmg file on Mac OS X, double-click it and follow the instructions. Specify the same installation directory as your existing installation.
- If you use a
- Run the
Splunk Enterprise displays the following output.
This appears to be an upgrade of Splunk. -------------------------------------------------------------------------------- Splunk has detected an older version of Splunk installed on this machine. To finish upgrading to the new version, Splunk's installer will automatically update and alter your current configuration files. Deprecated configuration files will be renamed with a .deprecated extension. You can choose to preview the changes that will be made to your configuration files before proceeding with the migration and upgrade: If you want to migrate and upgrade without previewing the changes that will be made to your existing configuration files, choose 'y'. If you want to see what changes will be made before you proceed with the upgrade, choose 'n'. Perform migration and upgrade without previewing configuration changes? [y/n]
- Choose whether or not you want to run the migration preview script to see proposed changes to your existing configuration files, or proceed with the migration and upgrade right away. If you choose to view the expected changes, the script provides a list.
- After you review these changes and are ready to proceed with migration and upgrade, run
Upgrade and accept the license agreement simultaneously
After you place the new files in the Splunk Enterprise installation directory, you can accept the license and perform the upgrade in one command.
- To accept the license and view the expected changes (answer 'n') before continuing the upgrade, use the following command.
$SPLUNK_HOME/bin/splunk start --accept-license --answer-no
- To accept the license and begin the upgrade without viewing the changes (answer 'y').
$SPLUNK_HOME/bin/splunk start --accept-license --answer-yes
Changes for Splunk App developers
Upgrade to 7.2 on Windows
This documentation applies to the following versions of Splunk® Enterprise: 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8