Splunk® Enterprise Security

Install and Upgrade Splunk Enterprise Security

This documentation does not apply to the most recent version of Splunk® Enterprise Security. For documentation on the most recent version, go to the latest release.

Install the Splunk App for Enterprise Security

This topic describes how to use the Enterprise Security Install App to install the Splunk App for Enterprise Security

Splunk App for Enterprise Security prerequisites

Review "Splunk Enterprise deployment planning" in this manual to validate the requirements for the Enterprise Security app. You must be logged into splunk.com with your Splunk.com ID and be a licensed Enterprise Security customer to download the app.

Step 1. Download the Splunk App for Enterprise Security

  1. Download the latest version of the Splunk App for Enterprise Security.
  2. Choose Download App, and save the Splunk Enterprise Security Install App to your desktop.
  3. On the search head, select App > Manage Apps > Install App from File.

Step 2. Launch the Splunk Enterprise Security Install App

  1. With Splunk running and while you are logged in as a Splunk administrator, navigate to to the Enterprise Security Install App on the Splunk Home page.
  2. Click the Enterprise Security Install App to launch it.

Step 3. Install the Splunk App for Enterprise Security

The Enterprise Security Install App shows that the Splunk App for Enterprise Security is not installed. The steps for the install shown on the left-hand side of the panel.

ES-install-first.png

  1. Click Install to begin the installation. You must restart Splunk to finish the installation.
  2. Click OK, then click Restart Splunk in the lower right.
  3. The Install App and Enterprise Security will enable SSL. You must change the Splunk URL to use https instead of http after you install the Install App or the Enterprise Security app.

Step 4. Re-Launch Enterprise Security Install App after Splunk restart

Note: The Splunk App for Enterprise Security enables SSL. The link to Splunk Enterprise provides the correct protocol redirection to https. If you do not get redirected properly, check the protocol in your web browser. For example: https://splunk_host:8000).

After Splunk restarts, click the link click here to continue and log in again.

The Enterprise Security Install App reports on the installation: 

    Splunk App for Enterprise Security is up to date. 
    Current version (version:3.x.x, build:xxxx) is installed.
    You will be notified of future updates.

Step 5. Finalize the app setup

The setup procedure must be run for the proper functioning of some Enterprise Security dashboards.

  1. From Home, choose the Enterprise Security app.
  2. Choose Continue to app setup page on the App configuration dialog box.
  3. Verify the settings on the Splunk App for Enterprise Security Setup page.
  4. Select Save. The Enterprise Security configure page appears.
  5. Select Enterprise Security to display the Enterprise Security Home page.

ES-homepage 3.0.png

Step 6. Configure Enterprise Security

To continue the configuration of the Enterprise Security app, see "Steps to configure" in this manual.

Last modified on 31 August, 2017
Install Add-ons   Configuration overview

This documentation applies to the following versions of Splunk® Enterprise Security: 3.2.1, 3.2.2, 3.3.0, 3.3.1

Acrobat logo Download manual
Acrobat logo Download this page

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters