Splunk® App for ES Health Check

User Guide

Download manual as PDF

Download topic as PDF

Install the Splunk App for ES Health Check

Install the Splunk App for ES Health Check in a single-instance or distributed environment. Use the tables below to determine where and how to install the Splunk App for ES Health Check in a Splunk Enterprise deployment.

Where to install the app in a distributed deployment

Use the table to determine where to install the app in a Splunk Enterprise distributed deployment.

Splunk instance type Supported Comments
Search Heads Yes Install this app on the search head.
Indexers No The app does not contain indexes or index-time transformations.
Forwarders No The app does not contain inputs for forwarder data collection.

Distributed deployment compatibility

Use the table to check the compatibility of the app with Splunk Enterprise distributed deployment features.

Distributed deployment feature Supported Comments
Search Head Clusters Yes Use the search head cluster deployer to distribute apps across search head cluster members. See Install an add-on in a distributed Splunk Enterprise deployment in the Splunk Add-ons documentation.
Indexer Clusters No The app does not contain indexes or index-time transformations.
Deployment Server No The app does not contain inputs for forwarder data collection.

Install the app using Splunk Web

  1. Log on to the Splunk Enterprise Security search head.
  2. On the Splunk Enterprise menu bar, open Searching and Reporting > App and select Find More Apps.
  3. On the Browse more apps page, locate the app in the list, or type the name in the search box.
  4. Provide your splunk.com credentials.
  5. Accept the license terms
  6. Click Login and Install
  7. Click Done.
  8. Restart splunk services to complete the installation.

Install the app from a downloaded file

  1. Log on to splunkbase.splunk.com
  2. Download the Splunk® App for ES Health Check and save it to an accessible location.
  3. Log on to the Splunk Enterprise Security search head.
  4. On the Splunk Enterprise menu bar, open Searching and Reporting > App and select Manage Apps.
  5. On the Apps page, click Install App from file.
  6. On the Upload app page, click the Choose file button to locate the app.
  7. Click Upload.
  8. Click Done.
  9. Restart splunk services to complete the installation.

Set up the Splunk App for ES Health Check

Before you can begin using the app, you must configure it by using the setup page. The Health Check app uses a regular expression to match the host name of the Splunk Enterprise instances in your environment. Some reports will not run if the regex parameters do not match the search head and indexer instance host names.

  1. Run setup
  2. Define the regex parameters to match the search head host name. You can also match the host value defined in local/inputs.conf, or an IP address.
  3. Define the regex parameters to match the indexer host name. You can also match the host value defined in local/inputs.conf, or an IP address.
  4. Click Save.

Review or change the setup

  1. On the Splunk Enterprise menu bar, open Settings > Advanced search and select Search macros.
  2. In the search bar, search for the macros named "indexers" or "search_heads".
  3. Select the macro and modify the Definition field as required. The completed entry must be enclosed in double quotes.
  4. Save.
PREVIOUS
Hardware and software requirements
  NEXT
Troubleshooting the app

This documentation applies to the following versions of Splunk® App for ES Health Check: 1.0.0


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters