Splunk® App for PCI Compliance

Installation and Configuration Manual

Acrobat logo Download manual as PDF

This documentation does not apply to the most recent version of PCI. Click here for the latest version.
Acrobat logo Download topic as PDF

Install technology add-ons

The Splunk App for PCI Compliance solution includes predefined technology add-ons to work with the data you want to monitor. The add-ons provide the feeds to get data from different sources, and provide search-time knowledge maps to normalize the data for use within the app. Technology add-ons ensure that the data is correctly consumed by the Splunk App for PCI Compliance.

Steps for installing technology add-ons

Use the Splunk Manager to configure or add technology add-ons to your deployment.

Find technology add-ons

To find a technology add-on to add:

  1. Click Manager in the menu bar.
  2. Click Apps.
  3. Click Find more apps online.
  4. Browse list of apps.

Note: Before you install a new add-on, make sure the add-on is compatible with the Splunk App for PCI Compliance.

Add a technology add-on from a local file

To add a technology add-on locally:

  1. Click Manager in the menu bar.
  2. Click Apps.
  3. Click Install app from file.
  4. In the Upload an app panel, browse for the app, select it, and click Upload.

Edit an existing add-on

To edit an existing add-on:

  1. Click Manager in the menu bar.
  2. Click Apps. Select the app from the list.
  3. Click Edit Properties for the app you want to configure. When you are finished, click Save.

Using Manager allows you to modify properties commonly found in the app.conf file for the app. You cannot modify any other .conf files associated with the app in this section. Changes to other app .conf files can be made from a different part place in Manager.

Note: Do not click Create app on the Manager > Apps page. You need to create and configure add-ons for the Splunk App for PCI Compliance differently.

To create a custom technology add-on to capture and map your data, see the Data Source Integration Manual.

Update technology add-ons

A newer version of a technology add-on used by the Splunk App for PCI Compliance might be available on Splunkbase.

Update the app from within Splunk Enterprise

To check for a newer version, go to Manage Apps from the Splunk menu. If there is an updated version of a technology add-on, there will be a link similar to this: 4.6.0|Update to 4.6.3 in the Version column.

1. To update your existing technology add-on with the newer one, click the link in the version column.

Note: You need to be logged into Splunk.com to download the technology add-on.

2. Click Update to get the newer version.

3. Click Restart.

Update the app manually

1. Go to Splunkbase and find the new version of the add-on. Download the add-on to your desktop or local directory.

2. Install the add-on by navigating to Manage Apps > Install app from file from the Splunk Home page.

3. Browse to the add-on location and select the add-on.

4. Select Upgrade app so that the newer version of the add-on overwrites the older one.

5. Click Upload.

6. Click Restart.

See "Using technology add-ons" in this manual.

Last modified on 25 October, 2015
Install the app manually
Steps to configure

This documentation applies to the following versions of Splunk® App for PCI Compliance: 2.1.1

Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters