On the Splunk Enterprise menu bar, open Searching and Reporting > App and select Manage Apps.Download Splunk ES Content Update and save it to an accessible location on your system.Restart Splunk services to complete the installation.On the Browse more apps page, locate the Splunk ES Content Update in the list.From the Splunk Web home page, click the Apps gear icon.Log in to Splunk Web on your Splunk Enterprise Security search head.See Install an add-on in a distributed Splunk Enterprise deployment in the Splunk Add-ons documentation. Use the search head cluster deployer to distribute ESCU across search head cluster members. Use the table to check the compatibility of ESCU with Splunk Enterprise distributed deployment features. Install ESCU on the Enterprise Security search head.ĮSCU does not contain indexes or index-time transformations.ĮSCU does not contain inputs for forwarder data collection.ĭistributed deployment feature compatibility Use the table to determine where to install ESCU in a Splunk Enterprise Security distributed deployment. Use the tables below to determine where and how to install Splunk Enterprise Security Content Update (Splunk ESCU) on your deployment of Splunk Enterprise Security (Splunk ES).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |