Splunk® App for Splunk Attack Analyzer

User Guide

Install the Splunk App for Splunk Attack Analyzer

You can install the Splunk App for Splunk Attack Analyzer on Splunk Cloud Platform, or you can install it on Splunk Enterprise in a single-instance or distributed environment.

The Splunk App for Splunk Attack Analyzer doesn't interfere with or impact Splunk Enterprise Security. You can safely install the Splunk App for Splunk Attack Analyzer on a Splunk Enterprise Security search head or search head cluster.

Prerequisites

  1. Purchase Splunk Attack Analyzer.

    You must purchase Splunk Attack Analyzer to use the app.

  2. Download the Splunk Add-on for Splunk Attack Analyzer from Splunkbase.
  3. Install and configure the Splunk Add-on for Splunk Attack Analyzer.
  4. Download the Splunk App for Splunk Attack Analyzer from Splunkbase.
  5. Check the Splunk App for Splunk Attack Analyzer installation requirements to ensure compatibility. See Installation requirements and version dependencies.

Install on a Splunk Enterprise single-instance deployment

In a single-instance deployment, you can install the Splunk App for Splunk Attack Analyzer on your Splunk Enterprise search head using Splunk Web or a downloaded file.

Install the app using Splunk Web

  1. Log in to your Splunk Enterprise search head.
  2. In the Applications menu, select Find More Apps.
  3. On the Browse More Apps page, select or search for the Splunk App for Splunk Attack Analyzer and select Install.
  4. Enter your splunk.com credentials.
  5. Accept the license terms.
  6. Select Login and Install.
  7. Select Done.
  8. Restart Splunk Enterprise to complete the installation.

Install the app from a downloaded file

  1. Log in to splunkbase.splunk.com.
  2. Search for and download the Splunk App for Splunk Attack Analyzer and save it to an accessible location.
  3. Log in to your Splunk Enterprise search head.
  4. On the Apps menu, select Manage Apps.
  5. On the Apps page, select Install app from file.
  6. On the Upload app page, select the Choose file button and locate the app in your files.
  7. Select Upload.
  8. Select Done.
  9. Restart Splunk Enterprise to complete the installation.

Install on a Splunk Enterprise distributed deployment

In a distributed deployment, install the Splunk App for Splunk Attack Analyzer on search heads only. This app is safe to install in large clusters because it has no impact on indexers. For installation instructions, see Install an add-on in a distributed Splunk Enterprise deployment in the Splunk Supported Add-ons manual.

Install on Splunk Cloud Platform

You can install the Splunk App for Splunk Attack Analyzer on your Splunk Cloud Platform deployment. For more information, see Install apps in your Splunk Cloud Platform deployment in the Splunk Cloud Platform Admin Manual.

Next step

Configure macros in the Splunk App for Splunk Attack Analyzer.

Last modified on 29 August, 2023

This documentation applies to the following versions of Splunk® App for Splunk Attack Analyzer: 1.0.0, 1.1.0, 1.1.1

