Splunk® Enterprise

Upgrade Readiness

Splunk Enterprise version 9.0 will no longer be supported as of June 14, 2024. See the Splunk Software Support Policy for details. For information about upgrading to a supported version, see How to upgrade Splunk Enterprise.

Act on Splunk Platform Compatibility scan results with the Upgrade Readiness App

The Splunk Platform Compatibility scan helps you determine if your deployment is prepared for upgrade to Splunk Enterprise 9.0. After you scan your Splunk platform instance with the Upgrade Readiness App, you can review and act on the results.

Public apps

Review and act on the scan results for all your public apps. Public apps are apps that are available on Splunkbase.

The Upgrade Readiness App scan results include Splunk-supported apps and third-party apps supported by partners and developers. App owners are responsible for updating their apps and releasing new versions after removing the libraries which make outbound TLS connections.

If you've extended an app or customized anything locally, review the results for any custom file paths that you've added to that app and take action on those to prepare for the upgrade. Otherwise, you can wait for the app owner to make updates.

For third-party apps, you can contact the developer directly using their contact details on Splunkbase to learn more about their upgrade plans. If the developer does not plan to update the app, you can make the updates yourself using the guidance in the private scan checks.

If you have a version of a public app that is failing, but a compatible version is available on Splunkbase, then the scan results direct you to download that version from Splunkbase to pass the check.

The Public App status displays unknown if any public app fails. The Upgrade Readiness App includes the Splunkbase apps list in a CSV file, which updates 7th minute past every 8th hour. If a connection to Splunkbase fails, the app uses the most recent CSV file instead.

If your public app fails, then you can identify the failures by downloading the JSON scan report.

Private apps

Review and act on the scan results for all your private apps. Private apps are apps that are private to your organization and are not available on Splunkbase.

Resolve blocking issues in your private apps and your customized Splunkbase apps, if any. Check all other file paths flagged by the app and determine what actions to take to make them upgrade-ready.

If one or more checks in an app is marked SKIPPED, this means that the Upgrade Readiness App wasn't able to complete the check due to the way the app is packaged. You can repackage the app using the Splunk Packaging Toolkit and run the scan again, or check for the upgrade compatibility issues manually. For more information, see Package apps for Splunk Cloud Platform or Splunk Enterprise using the Splunk Packaging Toolkit on the Splunk Developer Portal.

Apps that do not have any packages or Python libraries that make outbound TLS connections are marked as "PASSED". After the app is marked PASSED, test the app thoroughly to determine whether you need to take any further action.

Public and private apps

Review and act on the scan results with methods that apply to both public and private apps.

Dismiss file paths, apps, and configurations

The Upgrade Readiness App lets you dismiss individual file paths, apps, and configurations from the scan results. Dismiss these items after you verify that they are compatible with Splunk Enterprise 9.0 to narrow down the list to files that still require attention.

When you dismiss a file path, you'll be able to see such files in a separate table, and they won't be accounted as a failure in subsequent scans.

When you dismiss an app or configuration, that app is marked as an exception and it won't be accounted as a failure in the subsequent scans. You'll still be able to execute scans on that app and view results.

If you've previously dismissed an app or file, but it is included in a scan despite being marked as an exception, you can optionally remove the app or file directly from the dismiss lookup.

Use the following command for a dismissed app:

curl -k -u admin:changeme -X DELETE https://localhost:8089/servicesNS/nobody/python_upgrade_readiness_app/storage/collections/data/era_remote_dismiss_app

Use the following command for a dismissed file:

curl -k -u admin:changeme -X DELETE https://localhost:8089/servicesNS/nobody/python_upgrade_readiness_app/storage/collections/data/era_remote_dismiss_file

Reinstating dismissed file

Take one of the following actions if you accidentally dismiss an app or file path and want to reinstate it in future scans:

  • If you're using Splunk Enterprise, delete the Upgrade Readiness App from your instance and then reinstall it. This method is only available in Splunk Enterprise, not in Splunk Cloud Platform.
  • Run the following command in the Search & Reporting app to recover all the file paths you have ever dismissed:
    | outputlookup jra_remote_dismiss_file
    
  • Run the following command in the Search & Reporting app to recover all the apps you have ever dismissed:
    | outputlookup jra_remote_dismiss_app
    
Last modified on 25 January, 2023
Act on jQuery scan results with the Upgrade Readiness App   REST API reference for the Upgrade Readiness App

This documentation applies to the following versions of Splunk® Enterprise: 9.0.0, 9.0.1, 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.0.6, 9.0.7, 9.0.8, 9.0.9, 9.0.10, 9.1.0, 9.1.1, 9.1.2, 9.1.3, 9.1.4, 9.1.5, 9.1.6, 9.2.0, 9.2.1, 9.2.2, 9.2.3, 9.3.0, 9.3.1


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters