Splunk® Security Essentials

Install and Configure Splunk Security Essentials

Install Splunk Security Essentials

You can install the Splunk Security Essentials app on Splunk Cloud Platform, or you can install it on Splunk Enterprise in a single-instance or distributed environment.

Splunk Security Essentials doesn't interfere with or impact Splunk Enterprise Security. You can safely install Splunk Security Essentials on a Splunk Enterprise Security search head or search head cluster.

Prerequisites

Make sure Splunk Security Essentials is compatible with the version of Splunk Enterprise or Splunk Cloud Platform that you're using. See https://splunkbase.splunk.com/app/3435/ for current compatibility information across Splunk Enterprise, Splunk Cloud Platform, and Splunk Security Essentials versions.

Install on a Splunk Enterprise single-instance deployment

In a single-instance deployment, you can install Splunk Security Essentials on your Splunk Enterprise search head using Splunk Web or a downloaded file.

Install the app using Splunk Web

  1. Log in to your Splunk Enterprise search head.
  2. In the Applications menu, select Find More Apps.
  3. On the Browse More Apps page, select or search for Splunk Security Essentials and click Install.
  4. Enter your splunk.com credentials.
  5. Accept the license terms.
  6. Click Login and Install.
  7. Click Done.
  8. Restart Splunk Enterprise to complete the installation.

Install the app from a downloaded file

  1. Log in to splunkbase.splunk.com.
  2. Search for and download the Splunk Security Essentials app and save it to an accessible location.
  3. Log in to your Splunk Enterprise search head.
  4. On the Apps menu, click Manage Apps.
  5. On the Apps page, click Install app from file.
  6. On the Upload app page, click the Choose file button and locate the app in your files.
  7. Click Upload.
  8. Click Done.
  9. Restart Splunk Enterprise to complete the installation.

Install on a Splunk Enterprise distributed deployment

In a distributed deployment, install Splunk Security Essentials on search heads only. This app is safe to install in large clusters because it has no impact on indexers. For installation instructions, see Install an add-on in a distributed Splunk Enterprise deployment in the Splunk Add-ons menu.

Install on Splunk Cloud Platform

You can install Splunk Security Essentials on your Splunk Cloud Platform deployment. For more information, see Install apps in your Splunk Cloud Platform deployment in the Splunk Cloud Platform Admin Manual.

Last modified on 20 January, 2023

This documentation applies to the following versions of Splunk® Security Essentials: 3.7.1, 3.8.0, 3.8.1

