Splunk® App for PCI Compliance

Installation and Configuration Manual

Download manual as PDF

This documentation does not apply to the most recent version of PCI. Click here for the latest version.
Download topic as PDF

Install the Splunk App for PCI Compliance

The Splunk App for PCI Compliance includes the PCI Compliance Install App, an install and upgrade tool that can help you install the Splunk App for PCI Compliance, upgrade a PCI Compliance Suite installation, or upgrade to a maintenance release.

To perform a manual upgrade, or to upgrade a distributed deployment, see Install the app manually.

Get the Splunk for PCI Compliance Install App

Go to the download link for the Splunk App for PCI Compliance. Click Download App and save the Splunk App for PCI Compliance Installer (splunk_app_installer_pci-2.1.x-xxxxxx.spl) in your local Splunk directory ($SPLUNK_HOME/).

Note: This is a Splunk Package file that contains the Splunk PCI Compliance Install App. The .SPL file is a TAR GZ.

Select App > Manage Apps > Install App from File to add the Installer to your Splunk instance. Follow the instructions in this section to complete the installation steps.

The PCI Compliance Install App can be used for the following reasons.

First install of the Splunk App for PCI Compliance

After installing the app from the file (previous step), follow the steps in this section to use the PCI Compliance Install App to install the Splunk App for PCI Compliance for the first time.

For details about what is new in this release, see What's New in the Release Notes and the PCI Compliance User Manual.

Launch the Splunk PCI Compliance Install App

With Splunk Enterprise already running and while logged in as a Splunk Enterprise administrator, use Splunk Web to navigate to to the PCI Compliance Install App on the Splunk Home page in Splunk Web.

Pci-upgrade wizard splunk home new.png

Click the PCI Compliance Install App to launch it.

Install the Splunk App for PCI Compliance

The PCI Compliance Install App shows that the Splunk App for PCI Compliance is not installed in this location.

1. Click Install to begin the installation. A dialog box reminds you that you must restart Splunk Enterprise to finish the installation.

2. Click OK and click Restart Splunk.

Re-Launch PCI Compliance Install App after restart

When Splunk Enterprise has restarted, click on click here to continue and log in again.

Note: The Splunk App for PCI Compliance enables SSL. The link to Splunk Enterprise already provides the correct protocol redirection (https). If you do not get redirected properly, check the protocol in your web browser (for example: https://localhost:8000).

The PCI Compliance Install App should display a message like:

The most recent PCI Compliance Suite App is installed.

Do not remove or disable the PCI Compliance Install App. The app notifies you of any updates to the Splunk App for PCI Compliance.

Navigate to Splunk Home. Click PCI Compliance Setup. If you have not installed the Sideview Utils app, you see a notice to install the app, along with a link to Splunkbase.

Pci-setup no sideview utils.png

1. Click the link to navigate to Splunkbase.

2. Download Sideview Utils. Provide your Splunk Enterprise credentials to log into Splunkbase.

3. Select Manager > Apps > Install app from file.

4. Refresh the Splunk App for PCI Compliance Setup page. Sideview Utils is enabled.

Verify the settings on the Splunk App for PCI Compliance Setup page. Click Save. You must restart Splunk Enterprise for the configuration changes to be applied.

See "Steps to configure" in this manual for details on configuring the Splunk App for PCI Compliance.

Click PCI Compliance to display PCI Home page.

PCI 21 homepage.png

PREVIOUS
Install prerequisites
  NEXT
Install the app manually

This documentation applies to the following versions of Splunk® App for PCI Compliance: 2.1.1


Comments

The link to the Splunk App for PCI 2.1 Upgrade instructions has been fixed. Thanks!

Ekostowski splunk
March 5, 2014

When will the Upgrade the Splunk App for PCI page/instructions be provided ?

USPSSplunkSupport
March 5, 2014

Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters