All Apps and Add-ons

Cannot update PCI Complience app using CLI -login failed

New Member

I am trying to update PCIcomplience but i am getting Login failure.I am using the user/pass that i login to /My company has licence/.Below is the output:

root@/opt/splunk/bin # ./splunk install app Splunk_DA-ESS_PCICompliance -update 1
Splunk username: nhs
Login failed

Then i used my root user/pass but i got the following message :
Error during app install: failed to extract app from /opt/splunk/bin/Splunk_DA-ESS_PCICompliance to /opt/splunk/var/run/splunk/bundle_tmp/446fbab906660b58: No such file or directory

Then i did:
./splunk install app /opt/splunk/etc/apps/Splunk_DA-ESS_PCICompliance -update 1 and i got the message that PCI was installed but then on the Web interfeace i cannot see PCI any longer and i got the message :
Splunk_DB-ESS PCI Compliance version None is lower than required 3.4.0

I need your help.

0 Karma

Super Champion

Hi @balkanbgboy,

Your first attempt at installing should have worked using your splunk credentials. Make sure the splunk user you are using has the permissions to install apps.

To avoid all these CLI issues go to the GUI and follow the steps shown here :

Let me know how that works out for you.


0 Karma


Using just the App-name does not work. You have to use the archive name - otherwise splunk install app ... has no idea what to install.

0 Karma


Some time ago - but anyway:

  • It seems you are using system (i.e. Linux or similar) credentials to login to Splunk. That won't work. You have to use your Splunk-(Web)-credentials to connect to Splunk.
  • Also you have to make sure that you have the permission to install an app (also inside of Splunk).
  • And last - "Splunk_DA-ESS_PCICompliance" is the name of the installed app. On the commandline you have to use the name of the tar archive, e.g. splunk install app splunk-app-for-pci-compliance-splunk-enterprise_370.spl
0 Karma
Get Updates on the Splunk Community!

Ready, Set, SOAR: How Utility Apps Can Up Level Your Playbooks!

 WATCH NOW Powering your capabilities has never been so easy with ready-made Splunk® SOAR Utility Apps. Parse ...

DevSecOps: Why You Should Care and How To Get Started

 WATCH NOW In this Tech Talk we will talk about what people mean by DevSecOps and deep dive into the different ...

Introducing Ingest Actions: Filter, Mask, Route, Repeat

WATCH NOW Ingest Actions (IA) is the best new way to easily filter, mask and route your data in Splunk® ...