Install technology add-ons
The Splunk App for PCI Compliance solution includes predefined technology add-ons to work with the data you want to monitor. The add-ons provide the feeds to get data from different sources, and provide search-time knowledge maps to normalize the data for use within the app. Technology add-ons ensure that the data is correctly consumed by the Splunk App for PCI Compliance.
Use the following list to identify the required technology add-ons that are automatically installed when you install Splunk App for PCI Compliance (for Splunk Enterprise):
Do not uninstall these required technology add-ons.
- SA-AccessProtection
- SA-AuditAndDataProtection
- SA-EndpointProtection
- SA-IdentityManagement
- SA-NetworkProtection
- SA-ThreatIntelligence
- SA-UEBA
- SA-Utils
- Enterprise Security
- PCI Compliance
- Splunk Machine Learning Toolkit
- Splunk Common Information Model
- Splunk Add-on for UEBA
- splunk_ingest_actions
Use the following list to identify the required technology add-ons that are automatically installed when you install Splunk App for PCI Compliance (for Splunk Enterprise Security):
Do not uninstall these required technology add-ons.
- DA-ESS-AccessProtection
- DA-ESS-EndpointProtection
- DA-ESS-IdentityManagement
- DA-ESS-NetworkProtection
- DA-ESS-ThreatIntelligence
- SA-AccessProtection
- SA-AuditAndDataProtection
- SA-EndpointProtection
- SA-IdentityManagement
- SA-NetworkProtection
- SA-ThreatIntelligence
- SA-UEBA
- SA-Utils
- Enterprise Security
- PCI Compliance
- Splunk Machine Learning Toolkit
- Splunk Common Information Model
- Splunk Add-on for UEBA
- splunk_ingest_actions
Steps for installing technology add-ons
Configure or add technology add-ons to your deployment.
Find technology add-ons
To find a technology add-on to add:
- Click Apps > Manage Apps.
- Click Browse more apps.
- Browse list of apps.
Before you install a new add-on, make sure the add-on is compatible with the Splunk App for PCI Compliance.
Add a technology add-on from a local file
To add a technology add-on locally:
- Click Apps> Manage Apps.
- Click Install app from file.
- In the Upload an app panel, browse for the app, select it, then click Upload.
Edit an existing add-on
To edit an existing add-on:
- Click Apps > Manage Apps.
- Select the app from the list.
- Click Edit Properties for the app you want to configure.
- Click Save.
Update technology add-ons
A newer version of a technology add-on used by the Splunk App for PCI Compliance might be available on Splunkbase.
Update the app from within Splunk Enterprise
To check for a newer version, go to Apps > Manage Apps from the Splunk menu. If there is an updated version of a technology add-on, there will be a link similar to this: 4.6.0|Update to 4.6.3
in the Version column. You need to be logged in to Splunk.com to download the technology add-on.
- To update your existing technology add-on with the newer one, click the link in the version column.
- Click Update to get the newer version.
- Click Restart.
Update the app manually
- Go to Splunkbase and find the new version of the add-on. Download the add-on to your desktop or local directory.
- Install the add-on by navigating to Manage Apps > Install app from file from the Splunk Home page.
- Browse to the add-on location and select the add-on.
- Select Upgrade app so that the newer version of the add-on overwrites the older one.
- Click Upload.
- Click Restart.
See Using technology add-ons in this manual.
Install the Splunk App for PCI Compliance | Steps to configure the Splunk App for PCI Compliance |
This documentation applies to the following versions of Splunk® App for PCI Compliance: 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, 3.0.5, 3.1.0, 3.1.1, 3.1.2, 3.1.3, 3.2.0, 3.2.1, 3.3.0, 3.3.1, 3.3.2, 3.3.3, 3.4.0, 3.4.1, 3.4.2, 3.5.0, 3.6.0, 3.6.1, 3.7.0, 3.7.1, 3.7.2, 3.8.0, 3.8.1, 4.0.0, 4.0.1, 4.1.0, 4.1.1, 4.3.0, 4.4.0, 4.4.1, 4.5.0 Cloud only, 4.6.0, 4.6.2
Feedback submitted, thanks!