Splunk Cloud Platform

Upgrade Readiness

Acrobat logo Download manual as PDF


This documentation does not apply to the most recent version of SplunkCloud. Click here for the latest version.
Acrobat logo Download topic as PDF

Release notes for the Upgrade Readiness App

The Upgrade Readiness App version 3.0.2 was released on November 11, 2021. This version is compatible with Splunk Cloud Platform 8.2.2107 and higher and Splunk Enterprise versions 7.3, 8.0, 8.1 and 8.2 and higher.

Feature updates

Version Introduced Description
3.0.2 The Upgrade Readiness App is now visible only to users with admin or sc_admin roles.
3.0.2 The Splunk User Behavior Analytics and Splunklib apps are now excluded from scans.
3.0.1 Removed the ability to perform ad-hoc scans.
3.0.1 Added the option to cancel the scheduled scan.
3.0.1 You can can now view a merged report of search head and indexer data in a single interface. Files present on a search head only are tagged as local, files present on an indexer only are tagged remote, and files present on both have both tags.
3.0.1 You can now schedule a scan on a remote Indexer from a search head. The new schedule takes effect after 2 hours.
3.0.1 You can view the number of dismissed public and private apps in the scan summary.
3.0.1 Splunk Cloud Platform users can request to upgrade from Python 2 to Python 3. The request is stored in Skynet and completed by TechOps team members. You can view all requests in the Python version tab of the Upgrade Readiness app, and retract a request if your deployment is not yet upgraded. Once your deployment is upgraded, all admins receive an email notifying them that the upgrade is complete.
3.0.1 Public apps that do not have a version in Splunkbase are flagged as failed. A warning message displays next to the name of the application.
3.0.1 You can now scan for jQuery vulnerabilities on the jQuery Scan tab of the Upgrade Readiness app. Scans are conducted on the following criteria. These criteria are based on the AppInspect jQuery scan logic. Private apps can fail the scan on any of these points, while public apps are only evaluated on the first two points.
  • Dashboard XML files that are not tagged version 1.1 or higher.
  • Packaged jQuery libraries with a version lower than jQuery 3.5.
  • All application JS files that reference files on the disallowed list.

All other scan features are identical to the Python Scan tab.

Known issues and troubleshooting

Version Description Workaround
2.0.0 and higher Upon upgrade from a previous version of the Upgrade Readiness App, the following error message can appear in the UI:
name 'MERGED_DIR' is not defined
Wait 4 to 5 minutes for the report to load. If the report is not generated, an appropriate message appears.
2.0.0 and higher Splunkbase metadata is not fetched frequently enough. Modify the interval setting in the following scripted input stanza in the inputs.conf file:
script://$SPLUNK_HOME/etc/slave-apps/python_upgrade_readiness_app/bin/pura_get_all_apps.py

After updating the interval, you must restart your Splunk platform instance.

For more information on scripted inputs, see inputs.conf

For help setting the interval in cron format, see https://crontab.guru

2.0.0 and higher You need to scan a public app as a private app. You can convert a public app to a private app for scanning purposes:
  1. Add the public app folder to the lookup file at the following location:
    $SPLUNK_HOME/etc/apps/python_upgrade_readiness_app/lookups/pura_mark_public_as_private.csv
    
  2. Run the following search:

    | stats count | eval app_folder_name = "<name of application folder>" | table app_folder_name | outputlookup append=true pura_mark_public_as_private

Last modified on 21 January, 2022
PREVIOUS
REST API reference for the Upgrade Readiness App
  NEXT
Share data in the Upgrade Readiness App

This documentation applies to the following versions of Splunk Cloud Platform: 8.2.2107, 8.2.2109, 8.2.2111, 8.2.2112


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters