Install the Splunk App for PCI Compliance

The Splunk App for PCI Compliance includes the PCI Compliance Install App, an install and upgrade tool that can help you install the Splunk App for PCI Compliance, upgrade a PCI Compliance Suite installation, or upgrade to a maintenance release.

To perform a manual upgrade, or to upgrade a distributed deployment, see Install the app manually.

Get the Splunk for PCI Compliance Install App

Go to the download link for the Splunk App for PCI Compliance. Click Download App and save the Splunk App for PCI Compliance Installer (splunk_app_installer_pci-2.1.x-xxxxxx.spl) in your local Splunk directory ($SPLUNK_HOME/).

Note: This is a Splunk Package file that contains the Splunk PCI Compliance Install App. The .SPL file is a TAR GZ.

Select App > Manage Apps > Install App from File to add the Installer to your Splunk instance. Follow the instructions in this section to complete the installation steps.

The PCI Compliance Install App can be used for the following reasons.

• To perform a new installation of the Splunk App for PCI Compliance
• To upgrade the Splunk App for PCI Compliance 2.0 to a newer version

First install of the Splunk App for PCI Compliance

After installing the app from the file (previous step), follow the steps in this section to use the PCI Compliance Install App to install the Splunk App for PCI Compliance for the first time.

For details about what is new in this release, see What's New in the Release Notes and the PCI Compliance User Manual.

Launch the Splunk PCI Compliance Install App

With Splunk Enterprise already running and while logged in as a Splunk Enterprise administrator, use Splunk Web to navigate to to the PCI Compliance Install App on the Splunk Home page in Splunk Web.

Click the PCI Compliance Install App to launch it.

Install the Splunk App for PCI Compliance

The PCI Compliance Install App shows that the Splunk App for PCI Compliance is not installed in this location.

1. Click Install to begin the installation. A dialog box reminds you that you must restart Splunk Enterprise to finish the installation.

2. Click OK and click Restart Splunk.

Re-Launch PCI Compliance Install App after restart

When Splunk Enterprise has restarted, click on click here to continue and log in again.

Note: The Splunk App for PCI Compliance enables SSL. The link to Splunk Enterprise already provides the correct protocol redirection (https). If you do not get redirected properly, check the protocol in your web browser (for example: https://localhost:8000).

The PCI Compliance Install App should display a message like:

The most recent PCI Compliance Suite App is installed.

Do not remove or disable the PCI Compliance Install App. The app notifies you of any updates to the Splunk App for PCI Compliance.

Navigate to Splunk Home. Click PCI Compliance Setup. If you have not installed the Sideview Utils app, you see a notice to install the app, along with a link to Splunkbase.

1. Click the link to navigate to Splunkbase.

2. Download Sideview Utils. Provide your Splunk Enterprise credentials to log into Splunkbase.

3. Select Manager > Apps > Install app from file.

4. Refresh the Splunk App for PCI Compliance Setup page. Sideview Utils is enabled.

Verify the settings on the Splunk App for PCI Compliance Setup page. Click Save. You must restart Splunk Enterprise for the configuration changes to be applied.

See "Steps to configure" in this manual for details on configuring the Splunk App for PCI Compliance.

Click PCI Compliance to display PCI Home page.