Install the Splunk App for Enterprise Security
This topic describes how to use the Enterprise Security Install App to install the Splunk App for Enterprise Security
Splunk App for Enterprise Security prerequisites
Review "Splunk Enterprise deployment planning" in this manual to validate the requirements for the Enterprise Security app. You must be logged into splunk.com with your Splunk.com ID and be a licensed Enterprise Security customer to download the app.
Step 1. Download the Splunk App for Enterprise Security
- Download the latest version of the Splunk App for Enterprise Security.
- Choose Download App, and save the Splunk Enterprise Security Install App to your desktop.
- On the search head, select App > Manage Apps > Install App from File.
Step 2. Launch the Splunk Enterprise Security Install App
- With Splunk running and while you are logged in as a Splunk administrator, navigate to to the Enterprise Security Install App on the Splunk Home page.
- Click the Enterprise Security Install App to launch it.
Step 3. Install the Splunk App for Enterprise Security
The Enterprise Security Install App shows that the Splunk App for Enterprise Security is not installed. The steps for the install shown on the left-hand side of the panel.
- Click Install to begin the installation. You must restart Splunk to finish the installation.
- Click OK, then click Restart Splunk in the lower right.
- The Install App and Enterprise Security will enable SSL. You must change the Splunk URL to use
httpafter you install the Install App or the Enterprise Security app.
Step 4. Re-Launch Enterprise Security Install App after Splunk restart
Note: The Splunk App for Enterprise Security enables SSL. The link to Splunk Enterprise provides the correct protocol redirection to
https. If you do not get redirected properly, check the protocol in your web browser. For example: https://splunk_host:8000).
After Splunk restarts, click the link click here to continue and log in again.
The Enterprise Security Install App reports on the installation:
Splunk App for Enterprise Security is up to date. Current version (version:3.x.x, build:xxxx) is installed. You will be notified of future updates.
Step 5. Finalize the app setup
The setup procedure must be run for the proper functioning of some Enterprise Security dashboards.
- From Home, choose the Enterprise Security app.
- Choose Continue to app setup page on the App configuration dialog box.
- Verify the settings on the Splunk App for Enterprise Security Setup page.
- Select Save. The Enterprise Security configure page appears.
- Select Enterprise Security to display the Enterprise Security Home page.
Step 6. Configure Enterprise Security
To continue the configuration of the Enterprise Security app, see "Steps to configure" in this manual.
Steps to configure
This documentation applies to the following versions of Splunk® Enterprise Security: 3.2.1, 3.2.2, 3.3.0, 3.3.1