Upgrade on Linux
Follow the steps below to install the UXM Monitoring solution On-Premise, the software can be downloaded from here: Download server software.
Please note that the system has only been tested with Splunk version 7.1+.
Upgrade Splunk
Download newest Splunk version from https://www.splunk.com/en_us/download/splunk-enterprise.html or from our download site if you don't want to create a Splunk profile.
For Trial installations: Please uninstall old Splunk installation first and then re-install Splunk + UXM Splunk App, this will extend Splunk with a new 60 days trial and remove old license violations, if Splunk license has expired. Note that it will also delete all old data.
See Uninstall Splunk
Ubuntu: sudo /opt/splunk/bin/splunk disable boot-start && sudo /opt/splunk/bin/splunk stop
sudo dpkg -r splunk
Red Hat:
sudo /opt/splunk/bin/splunk disable boot-start && sudo /opt/splunk/bin/splunk stop
sudo rpm -q -a | grep -i splunk
sudo rpm -e splunk_product_name
Please see the Install on Linux guide and perform a new clean installation of Splunk.
It's recommended to take a snapshot of the server first or stop and backup the splunk folder under /opt/splunk/.
Note: Index files can be moved to another location, see /opt/splunk/etc/splunk-launch.conf SPLUNK_DB section for where your Splunk indexes is stored.
Our install guide recommends /mnt/disks/data/indexes.
On single server setups it's enough to download and execute the installer package, see http://docs.splunk.com/Documentation/Splunk/latest/Installation/HowtoupgradeSplunk for multi server setups.
Ubuntu:
sudo dpkg -i splunk-9.X.X-yyyyyyyyyyyy-linux-2.6-amd64.deb
sudo runuser -l splunk -c '/opt/splunk/bin/splunk start --accept-license --answer-yes'
Red Hat:
chmod 744 splunk-9.X.X-yyyyyyyyyyyy-linux-2.6-x86_64.rpm
sudo rpm -U splunk-9.X.X-yyyyyyyyyyyy-linux-2.6-x86_64.rpm
Note: Default installation directory is /opt/splunk
Make Splunk auto-start
Make Splunk auto-start when server is rebooted. You will be asked to create an user and password for the admin account.
sudo /opt/splunk/bin/splunk enable boot-start -systemd-managed 1 -user splunk --accept-license
Start Splunk
Start the Splunk service.
sudo systemctl start Splunkd.service
Upgrade UXM Monitoring Splunk App
The UXM Monitoring Splunk App can be downloaded from here: Download server software
1. Upload app through Splunk Apps manager
Login to splunk and goto the Manage Apps page.
Select "Install app from file".
Select the uxmapp_YYYY.MM.DD.tar.gz file and press Upload. (Upgrade app is only needed when app already exists and you want to upgrade it)
UXM distributes it's dashboards and settings through appfolder/default, all changes you do inside Splunk to dashboards and config is stored under appfolder/local.
You could have local copies under /opt/splunk/etc/apps/uxmapp/local/ if you upgrade the app, if dashboards doesn't work or isn't upgraded, please check and delete those if the changes isn't needed and restart the splunk server.
Select Restart Later, we will first have to run the app setup before restarting Splunk.
2. Configure app through Splunk Apps manager
Select "Set up" to configure the UX Monitoring app, Macros and Indexes is checked and configured when using the Set up, so it's important to perform also on upgrades.
Enter path to where video/screenshots should be stored. (Default /mnt/disks/data/storage) and press Save.
Agent Key is used if connecting Desktop / Robot agents to the system.
The top will show a sucessfully updated status when done.
3. Clear CSS/JS caches
Splunk caches CSS/JS files for a long period, open http://fqdn_or_ip:8000/en-GB/_bump or https://fqdn_or_ip:8000/en-GB/_bump and press Bump version to get Splunk to refresh it's CSS/JS files cache.
4. Optional: Generate summary indexes for old data
There might not be any old data in the summary indexes, which will leave the charts and tables empty when you look at the last X days of data.
The summary data can be generated with the following commands, please note that it can take a very long time for each day Splunk needs to calculate rolled up data values.
You will have to replace the following values:
appName with the name of the app. (Default uxmapp)
-7d@d tells Splunk to calculate the last 7 days.
-j 4 tells Splunk to run 4 simultaneously search queries.
splunkAdminUser:splunkAdminPassword with you administrator Splunk login.
cd /opt/splunk/bin
sudo ./splunk cmd python fill_summary_index.py -app uxmapp -name "*" -et -7d@d -lt now -dedup true -j 4 -owner admin -auth splunkAdminUser:splunkAdminPassword