Splunk® App for CEF

Deploy and Use Splunk App for CEF

Download manual as PDF

Download topic as PDF

Installation and configuration overview for the Splunk App for CEF

Complete the following steps to install and use this app.



  1. If you are installing this app for the first time, follow the instructions to Install the Splunk App for CEF.
  2. If you are upgrading from the 1.0.0 version of the app, follow the instructions in Upgrade an existing installation of the Splunk App for CEF.
  3. Define CEF mappings and output groups with the Splunk App for CEF.
  4. Deploy the Splunk Add-on for CEF Output to indexers.
Last modified on 17 January, 2019
How the Splunk App for CEF works
Hardware and software requirements for the Splunk App for CEF

This documentation applies to the following versions of Splunk® App for CEF: 2.1.0, 2.2.0, 2.3.0

Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters