Please see the following ITS maintenance notification:
Dates: Monday, March 20, 2023
Start Time: 7:00 PM
End Time: 11:59 PM
The following work is being completed: Splunk systems managed by Information Technology Services will be updated to include newly released patches. As part of these updates, Splunk systems may need to be rebooted. Windows logging will also be changed to classic logs which will affect any saved searches, reports, or dashboards that involved Windows OS logs.
All affected groups: Entire WSU community.
Duration of impact: Services may be unavailable for several minutes as Splunk services are upgraded. Those services using redundant servers to provide additional availability should expect no user impact.
All processes affected: WSU Splunk services, Windows OS logs to Splunk infrastructure and Splunk Universal Forwarders.
Follow up steps customers need to take: Please check Splunk universal forwarder compatibility and upgrade UF?s to match Splunk system version of 9.0.4. You can download the updated UF version here: https://urldefense.com/v3/__https://emailwsu.sharepoint.com/sites/infosec/SitePages/Splunk.aspx__;!!JmPEgBY0HMszNaDT!t1_w9VRFDU5Oml3w8VVcFDJ4K3ayIa9mMacpnymukwz8qrCCDTNFpyp7FcPANvUyUQ9iiUQ64MHJWPtra-5k2CuKG7Rrlbg$
You can check Splunk Universal Forwarder compatibility here: https://urldefense.com/v3/__https://docs.splunk.com/Documentation/VersionCompatibility/current/Matrix/Compatibilitybetweenforwardersandindexers__;!!JmPEgBY0HMszNaDT!t1_w9VRFDU5Oml3w8VVcFDJ4K3ayIa9mMacpnymukwz8qrCCDTNFpyp7FcPANvUyUQ9iiUQ64MHJWPtra-5k2CuKSunq0jk$
Questions? Issues should be routed through the ISS Splunk support (splunksupport@wsu.edu or 509-335-4357)