Install the Splunk App for Enterprise Security
This topic describes how to use the Enterprise Security Install App to install the Splunk App for Enterprise Security
Splunk App for Enterprise Security prerequisites
Review "Splunk Enterprise deployment planning" in this manual to validate the requirements for the Enterprise Security app before beginning the installation.
Step 1. Download the Splunk App for Enterprise Security
1. Download the latest Splunk App for Enterprise Security Install app.
2. Choose Download App and save the Splunk Enterprise Security Install App to your desktop.
Important: You must be logged into Splunk Apps with your Splunk.com ID and be a licensed Enterprise Security customer to download the app. If you have issues, contact Splunk Support.
3. On the search head, navigate to App > Manage Apps… > Install App from File to add the Install App to your Splunk Enterprise instance.
Important: The Install App and Enterprise Security will both enable SSL. You must change the Splunk URL to use https instead of http after installing the Install App or ES.
Step 2. Launch the Splunk Enterprise Security Install App
With Splunk already running and while logged in as a Splunk administrator, navigate to to the Enterprise Security Install App on the Splunk Home page.
Click the Enterprise Security Install App to launch it.
Step 3. Install the Splunk App for Enterprise Security
The Enterprise Security Install App shows that the Splunk App for Enterprise Security is not currently installed.
Click Install to begin the installation. A dialog box reminds you that you must restart Splunk to finish the installation. Click OK, then click Restart Splunk in the lower right corner of the screen.
Notice the steps for the install shown on the left-hand side of the panel.
Step 4. Re-Launch Enterprise Security Install App after Splunk restart
When Splunk has restarted, click the link click here to continue and log in again.
Note: The Splunk App for Enterprise Security automatically enables SSL. The link to Splunk should already provide the correct protocol redirection (https). If you do not get redirected properly, check the protocol in your web browser (for example: https://localhost:8000).
The Enterprise Security Install App displays:
Splunk App for Enterprise Security is up to date.
Current version (version:3.1.x, build:xxxx) is installed.
You will be notified of future updates.
Important: Do not remove or disable the Enterprise Security Install App. The Install app will notify you of any updates to the Splunk App for Enterprise Security.
Step 5. Finalize the app setup
1. From Home, Choose the Enterprise Security app.
2. Choose Continue to app setup page on the App configuration dialog.
Important: After the upgrade is performed, if the setup procedure is not run there may display errors on some Enterprise Security dashboards.
3. Verify the settings on the Splunk App for Enterprise Security Setup page.
4. Choose Save. The Enterprise Security configure page appears.
5. Choose Enterprise Security to display the Enterprise Security Home page.
Step 6. Configure Enterprise Security
See "Steps to configure" in this manual for details on configuring the Splunk App for Enterprise Security.
| Install Add-ons | Steps to configure |
This documentation applies to the following versions of Splunk® Enterprise Security: 3.1, 3.1.1
Download manual
Feedback submitted, thanks!