Splunk® Enterprise Security

Installation and Upgrade Manual

Acrobat logo Download manual as PDF

This documentation does not apply to the most recent version of ES. Click here for the latest version.
Acrobat logo Download topic as PDF


A number of add-ons are provided within the Splunk App for Enterprise Security so that you can start mapping your data right away.

The provided add-ons include:

Splunk_TA_nix Splunk_TA_windows Splunk-TA-nessus TA-airdefense
TA-alcatel TA-bluecoat TA-cef TA-fireeye
TA-flowd TA-fortinet TA-ftp TA-ip2location
TA-juniper TA-mcafee TA-ncircle TA-nmap
TA-oracle TA-ossec TA-paloalto TA-rsa
TA-sav TA-sep TA-snort TA-sophos
TA-splunk TA-tippingpoint TA-trendmicro TA-websense

Find out more about these out-of-the-box add-ons in the Data Source Integration Manual

You can download additional apps from Splunk Apps, provided they are compatible with the Splunk App for Enterprise Security.

Updated add-ons

An add-on used by the Splunk App for Enterprise Security may be updated independent of the Enterprise Security App, and made available on Splunk Apps.

Update the app from within Splunk

To check for a newer version, go to Manage Apps from the Splunk menu. If there is an updated version of an add-on, there will be a link similar to this: 4.6.0|Update to 4.6.3 in the Version column.

1. To update your existing add-on with the newer one, click the link in the version column.

2. A window will confirm that there is an updated version of the add-on. Click Update to get the newer version.

3. You may need to restart Splunk to install the add-on. Click Restart.

Note: You will need to be logged into Splunk.com to download the add-on.

Update the app manually

You can also download the newer add-on directly from Splunk Apps.

1. Go to Splunk Apps and find the new version of the add-on. Download the add-on to your desktop or local directory. For example, download the Splunk for Unix and Linux add-on from Splunk Apps.

2. Install the add-on by navigating to Manage Apps > Install app from file from the Splunk Home page. Browse to the add-on location and select the add-on.

Be sure to select Upgrade app... so that the newer version of the add-on overwrites the older one. Click Upload.

3. You may need to restart Splunk to install the add-on. Click Restart.

Last modified on 16 April, 2014
Plan your data inputs
Splunk deployment server

This documentation applies to the following versions of Splunk® Enterprise Security: 3.0, 3.0.1

Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters