Installation
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

what is the supported version of splunk enterprise for RHEL 7.9

krishnaunni
New Member
‎04-08-2025 04:31 PM

Dear Team,

I am currently running Splunk Enterprise version 9.1.0.1 on a RHEL 7.9 system. I would like to clarify the following:

What is the supported version of Splunk Enterprise for RHEL 7.9?

Does Splunk Enterprise include Heavy Forwarders (HF) and Deployment Servers (DS) by default, or do these components need to be installed separately?

Given that I currently have Splunk 9.1.0.1 installed on RHEL 7.9, what would be the recommended version of Splunk Enterprise moving forward?

I appreciate your assistance and look forward to your response.

Labels (2)
Labels
0 Karma
Reply

livehybrid
Super Champion
‎04-08-2025 11:47 PM

Hi @krishnaunni 

Given that you are limited to RHEL 7.9 - I would recommend moving to Splunk 9.2.x (9.2.5) which is supported til Jan 31 2026

RHEL 7.9 is supported up to Splunk Enterprise 9.2.x, specifically it is Kernel 3.x which is supported up to 9.2.x however is marked as deprecated - meaning that from future versions it is no longer supported.

"Splunk supports this platform and architecture, but might remove support in a future release"

Kernel 3.x is listed as removed from the 9.3.x build release notes: https://docs.splunk.com/Documentation/Splunk/9.3.0/ReleaseNotes/Deprecatedfeatures#:~:text=in%20this...

Regarding your mention of HF/DS - these are actually the same installation package - Splunk Enterprise is the installation and then the configuration applied to it determines whether it is a HF / DS / SearchHead (SH) etc, with the exception of the Universal Forwarder (UF) which is a smaller package with fewer features available (such as Python environment etc).

🌟 Did this answer help you? If so, please consider:

  • Adding karma to show it was useful
  • Marking it as the solution if it resolved your issue
  • Commenting if you need any clarification

Your feedback encourages the volunteers in this community to continue contributing

 

0 Karma
Reply

kiran_panchavat
Influencer
‎04-08-2025 10:52 PM

@krishnaunni 

What is the supported version of Splunk Enterprise for RHEL 7.9?

For a list of supported operating systems, see

https://docs.splunk.com/Documentation/Splunk/latest/Installation/Systemrequirements 

NOTE: Splunk doesn't care what flavor of Linux you use. As long as the kernel is a supported version you'll be fine.

kiran_panchavat_0-1744177368522.png

Does Splunk Enterprise include Heavy Forwarders (HF) and Deployment Servers (DS) by default, or do these components need to be installed separately?

Splunk Enterprise (Full Package) includes all Splunk components except for the Universal Forwarders. Please find the package details below.

Splunk Enterprise:- https://www.splunk.com/en_us/download/splunk-enterprise.html 

Splunk Universal Forwarder:- https://www.splunk.com/en_us/download/universal-forwarder.html 

Splunk Enterprise is a full-featured platform that includes the capabilities for both Heavy Forwarders and Deployment Servers within its installation. These aren’t separate packages you need to install they’re roles you configure within a Splunk Enterprise instance.
 
Did this help? If yes, please consider giving kudos, marking it as the solution, or commenting for clarification — your feedback keeps the community going!
0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎04-08-2025 09:15 PM

There are only two installers - the Universal Forwarder and the "full" Splunk Enterprise packages. DS, HF, indexer and so on - these are just server roles which are configured on the "full" installation.

https://docs.splunk.com/Documentation/Splunk/latest/Installation/Systemrequirements

https://docs.splunk.com/Documentation/Splunk/latest/Installation/HowtoupgradeSplunk

0 Karma
Reply
Get Updates on the Splunk Community!

Aligning Observability Costs with Business Value: Practical Strategies

 Join us for an engaging Tech Talk on Aligning Observability Costs with Business Value: Practical ...

Mastering Data Pipelines: Unlocking Value with Splunk

 In today's AI-driven world, organizations must balance the challenges of managing the explosion of data with ...

Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0

Did you know that for Splunk Enterprise 9.4, Python 3.9 is the default interpreter? This shift is not just a ...
OSZAR »