Splunk® User Behavior Analytics Kafka Ingestion App

Splunk UBA Kafka Ingestion App

This documentation does not apply to the most recent version of Splunk® User Behavior Analytics Kafka Ingestion App. For documentation on the most recent version, go to the latest release.

Install the Splunk UBA Kafka Ingestion App

You can download the Splunk UBA Kafka Ingestion App from Splunkbase. To learn more about Splunkbase apps, see Where to get more apps and add-ons in the Splunk Enterprise Admin Manual.

After downloading the Splunk UBA Kafka Ingestion App and verifying the prerequisites, install the app using either Splunk Web or directly from the downloaded file.

The Splunk UBA Kafka Ingestion App must be installed on the Splunk search head.

If your environment includes multiple search heads, install the Splunk UBA Kafka Ingestion App on each search head. If you have a clustered Splunk environment, you can install this app on the search head cluster. See Use the deployer to distribute apps and configuration updates in the Splunk Enterprise Distributed Search manual.

Install the app on Splunk Enterprise using Splunk Web

Perform the following steps to install the Splunk UBA Kafka Ingestion App on Splunk Enterprise using Splunk Web:

  1. Log in to the Splunk Enterprise search head.
  2. On the Applications menu, scroll to the bottom and select Find More Apps.
  3. On the Browse more apps page, locate the app in the list, or type the name in the search box.
  4. Provide your splunk.com credentials.
  5. Accept the license terms.
  6. Click Login and Install.
  7. Click Done.
  8. Restart Splunk Enterprise to complete the installation.

Install the app on Splunk Enterprise from a downloaded file

Perform the following steps to install the Splunk UBA Kafka Ingestion App on Splunk Enterprise using a downloaded file:

  1. Log in to splunkbase.splunk.com.
  2. Download the Splunk UBA Kafka Ingestion App and save it to an accessible location.
  3. Log in to the Splunk Enterprise search head.
  4. On the Applications menu, select the Manage Apps (The manage apps icon) icon.
  5. On the Apps page, click Install app from file.
  6. On the Upload app page, click the Choose file button to locate the app.
  7. Click Upload.
  8. Click Done.
  9. Restart Splunk Enterprise to complete the installation.

Install the app on the Splunk Cloud Platform

The Splunk UBA Kafka Ingestion App is supported on Splunk Cloud Platform. For steps, see Install apps on your Splunk Cloud Platform deployment in the Splunk Cloud Platform Admin Manual.

Classic Experience requires Splunk Support to install an app on Enterprise Security search heads.

To enable hostname verification for Kafka data ingestion, Splunk Cloud Platform users must work with Splunk Support to obtain a certificate from a root certificate authority (CA). See, Obtain a root CA.

Last modified on 08 February, 2024
Requirements for Kafka data ingestion   Enable Kafka data ingestion

This documentation applies to the following versions of Splunk® User Behavior Analytics Kafka Ingestion App: 1.4.3


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters