Installation
- Install any dependencies (see below).
-
Install the application to your Splunk Search Head(s):
(On-premises) Install on a single instance
If your Splunk Enterprise deployment is a single instance, install the application to your single instance. You can use the Install app from file feature in the Manage Apps page in Splunk Web to install the package, or install it manually using the command line.
(On-premises) Install in a non-clustered distributed environment
If your Splunk Enterprise deployment is distributed and non-clustered, follow these steps:
If you are installing to one or more independent search heads, follow your preferred method of deploying the app. You can do any of the following:
- Follow the Install app from file wizard on the Manage Apps screen in Splunk Web.
- Install manually using the command line.
- Use a deployment server to deploy the unconfigured packages to your search heads. Do not configure the app prior to deploying it.
(On-premises) Install in a clustered distributed environmentIf your Splunk Enterprise deployment has one or more search head cluster(s), use the Deployer to deploy the app to your cluster(s).
Install on Splunk Cloud
If you're using Splunk Cloud, follow the Private App installation process documented here for your version and current Splunk Cloud experience (Classic/Victoria).
Dependencies
The following dependencies are required by the dashboards in this application:
Premium Apps
- Splunk Enterprise Security (of course!)
Visualizations
- Status Indicator - Custom Visualization
- MITRE ATTCK Heatmap for Splunk
- Sunburst Viz
- Event Timeline Viz
- Calendar Heat Map - Custom Visualization
Compatibility
The current version of this app is compatible with:
- Splunk Enterprise/Cloud 8.x, 9.x
- Splunk Enterprise Security 6.x, 7.x
Next Step
What's Next? Learn more about how to configure the application.