Splunk® Add-on for Splunk Attack Analyzer

User Guide

Installation requirements and version dependencies

To use the Splunk Add-on for Splunk Attack Analyzer, complete the following:

Splunk Enterprise installation prerequisite

If you install the Splunk Add-on for Splunk Attack Analyzer on Splunk Enterprise, your user account must have the admin role and the edit_local_app capability. The admin role includes that capability by default.

System requirements

This add-on runs on the Splunk platform. The following system requirements apply for the Splunk software you use to run the Splunk Add-on for Splunk Attack Analyzer.

Deployment More information
On-premises deployment of Splunk platform See System requirements for use of Splunk Enterprise on-premises in the Splunk Enterprise Installation Manual.
Splunk Cloud Platform See Where to install Splunk add-ons in the Splunk Supported Add-ons manual.

Version dependencies

See the following table to ensure you are using the correct combination of the add-on and the Splunk platform:

Splunk Add-on for Splunk Attack Analyzer version Splunk platform version
1.0.0 Splunk Enterprise 9.0.x

or higher or
Splunk Cloud Platform

Last modified on 30 August, 2023
Source types for the Splunk Add-on for Splunk Attack Analyzer   Install the Splunk Add-on for Splunk Attack Analyzer

This documentation applies to the following versions of Splunk® Add-on for Splunk Attack Analyzer: 1.0.0, 1.1.0, 1.1.1, 1.2.0


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters