Splunk Lantern

Upgrading to Enterprise Security 8.0.x - Overview

 

This guide is designed to help you upgrade or migrate pre-8.0.x Splunk Enterprise Security deployments to Splunk Enterprise Security 8.0.x. Before completing an upgrade, review the release notes for Splunk Enterprise Security 8.0.x.

The procedures in this guide provide the following:

  • Best practices for working around known upgrade roadblocks or obstacles
  • Guidance on when to postpone an upgrade due to roadblocks with no workaround in the current product version
  • A technical list of pre-checks to run prior to the upgrade and a test plan that can be used to validate the success of an upgrade
  • References and guidance on how to upgrade to Splunk Enterprise Security 8.0.x

Splunk Enterprise Security 8.0.x upgrades are available as an engagement with Splunk Professional Services. If you do not feel comfortable completing these steps on your own, contact our Professional Services experts.

Business value of the upgrade

Splunk Enterprise Security 8.0.x is the latest generation of our premium security solution, meant to deliver the next-generation SIEM experience through changes to the underlying architecture. The new case management lifecycle and Mission Control queue design address storage and performance concerns from previous versions, providing a more scalable and efficient solution for security incident management.

Splunk Enterprise Security 8.0.x has introduced streamlined terminology changes across the detection, findings, and investigations workflows. These changes significantly improve the analyst's experience by aligning with the Open Cybersecurity Schema Framework (OCSF).

  • Written by Randy Trobock and Ted Skinner
  • Professional Services at Splunk