Uninstall Splunk Security Essentials
You can uninstall Splunk Security Essentials from either the user interface or the command line.
Uninstall Splunk Security Essentials from the user interface
If you are a cloud user of Splunk Security Essentials, you can uninstall Splunk Security Essentials from the user interface.
- From Splunk Enterprise or Splunk Cloud Platform, select Apps then Manage Apps.
- Find the entry for Splunk Security Essentials and select Uninstall.
Uninstall Splunk Security Essentials from the command line
To remove Splunk Security Essentials from the command line, follow these steps:
- (Optional) Remove the app or add-on's indexed data. Typically, the Splunk platform does not access indexed data from a deleted app or add-on. However, you can use the Splunk CLI clean command to remove indexed data from an app before deleting the app. See Remove data from indexes with the CLI command.
- Delete the app and its directory. The app and its directory are typically located in
$SPLUNK_HOME/etc/apps/<appname>. You can run the following command in the CLI:./splunk remove app [appname] -auth <username>:<password> - You may need to remove user-specific directories created for your app or add-on by deleting any files found here:
$SPLUNK_HOME/etc/users/*/<appname> - Restart the Splunk platform.
Last modified on 25 July, 2023
| Install Splunk Security Essentials | Configure Splunk Security Essentials |
This documentation applies to the following versions of Splunk® Security Essentials: 3.7.1, 3.8.0, 3.8.1
Download manual
Feedback submitted, thanks!