Splunk® App for PCI Compliance

User Manual

Upgrade to the Splunk Dashboard Framework to improve performance

Upgrading Splunk App for PCI Compliance dashboards from simple XML to the Splunk Dashboard Framework helps to improve performance and consistency across products so that you can gather better insights from your data visualizations. If your dashboards have a local override, you must perform the following steps to upgrade the simple XML dashboards and get the latest dashboard experience:

The following instructions apply only to on-prem deployments. If you are on the Splunk Cloud Platform, file a ticket on the Splunk Support Portal and request help to delete the local copies of the dashboard. See Support and Services (https://splunkcommunities.force.com/customers/home/home.jsp).

  1. Identify the XML file name from the dashboard URL.
    For the PCI Compliance Posture dashboard pci_posture, the filename is pci_posture.xml.
  2. Connect over secure shell (SSH) to the server that hosts the Splunk App for PCI Compliance.
  3. Change to Splunk's install directory.
    For example: cd /opt/splunk
  4. Locate the local copy of the dashboard's XML definition file, which overrides the definition from the default folder.
    For example: find . -name pci_posture.xml
  5. Delete the XML definition file from the local directory.
  6. Refresh the web browser for your Splunk instance.
    For example: https://localhost:8000/en-US/debug/refresh, where https://localhost:8000 is the Splunk instance.
  7. Clear your browser cache to display the new version of the dashboard.
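
Steps 4 and 5 as a script, added here as an example and not part of the Splunk documentation: `find . -name` also returns the copy in the default folder, so this version matches only files under a `local/data/ui/views` directory and moves them to a backup location instead of deleting them outright. The function names, the backup step, and the paths in the usage comment are assumptions.

```shell
#!/bin/sh
# Added example: remove only the local override of a dashboard, never the
# copy in the default folder. Function names and backup step are assumptions.

# Print every local override of dashboard $2 under Splunk install dir $1.
# Matches app-level and user-level copies (any .../local/data/ui/views/ path);
# files under default/ are never matched.
find_local_overrides() {
    find "$1/etc" -type f -name "$2.xml" -path '*/local/data/ui/views/*' 2>/dev/null
}

# Move each local override of dashboard $2 out of the Splunk tree into
# backup dir $3, keeping its relative path so it can be restored later.
# Prints the number of files moved.
remove_local_overrides() {
    home=$1; dash=$2; backup=$3
    # Reject empty names and names that could point outside a views directory.
    case $dash in
        ''|*/*|*..*) echo "invalid dashboard name: $dash" >&2; return 2 ;;
    esac
    find_local_overrides "$home" "$dash" | (
        count=0
        while IFS= read -r f; do
            rel=${f#"$home"/}
            mkdir -p "$backup/$(dirname "$rel")" || exit 1
            mv -- "$f" "$backup/$rel" || exit 1
            count=$((count + 1))
        done
        echo "$count"
    )
}

# Usage (paths are assumptions; adjust to your deployment):
#   find_local_overrides   /opt/splunk pci_posture      # review what would move
#   remove_local_overrides /opt/splunk pci_posture /var/tmp/pci_dashboard_backup
```

Run `find_local_overrides` first and review its output; then continue with steps 6 and 7 after the files have been moved.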

You can upgrade the following dashboards in the Splunk App for PCI Compliance to the Splunk Dashboard Framework:

  • PCI Compliance Posture page
  • Scorecard
  • Firewall Rule Activity
  • Network Traffic Activity
  • Prohibited Services
  • Default Account Access
  • Insecure Authentication Attempts
  • PCI System Inventory
  • Primary Functions
  • System Misconfigurations
  • Weak Encrypted Communication
  • Wireless Network Misconfigurations
  • Credit Card Data Found
  • Endpoint Product Deployment
  • Endpoint Product Versions
  • Malware Activity
  • Malware Signature Updates
  • Anomalous System Uptime
  • Update Service Status report
  • System Update Status
  • PCI Command History
  • PCI Resource Access
  • Endpoint Changes
  • PCI Asset Logging
  • Privileged User Activity
  • System Time Synchronization
  • Rogue Wireless Access Point Protection
  • Vulnerability Scan Details
  • IDS/IPS Alert Activity
Last modified on 07 December, 2023

This documentation applies to the following versions of Splunk® App for PCI Compliance: 5.3.0, 5.3.1, 5.3.2

