The version from Splunkbase is ok, but it is older.
https://splunkbase.splunk.com/app/3688/

You could try the latest version from github, which is new and extracts correctly:
https://github.com/wazuh/wazuh-splunk/releases/tag/v3.11.2-8.0.1

You might want to contact the developer and let them know that the published package is broken.

I have added this comment as an answer as it is the eventual outcome from your problem.

Please accept it so other people can see what we discovered.
Come back an open another question if you have any problems.

Good luck!

Okok. I will try the new version and tell the developer the broken package later.

Thank you very much!

Thanks for your answer. And the documentation shows

/opt/splunk/bin/splunk install /your/path/SplunkAppForWazuh.tar.gz

Here is the full path. The documentation link is

https://documentation.wazuh.com/3.11/installation-guide/installing-splunk/splunk-app.html

Need to add app after install and before the path to your tar.gz file.

So it would be /opt/splunk/bin/splunk install app /your/path/SplunkAppForWazuh.tar.gz as @nickhillscpl mentioned

Thanks for your adive and I tried the commands like:

/opt/splunk/bin/splunk install app /opt/splunk/bin/SplunkAppForWazuh.tar.gz

But the result is the same:

Error during app install: failed to extract app from /opt/splunk/bin/SplunkAppForWazuh.tar.gz to /opt/splunk/var/run/splunk/bundle_tmp/442aa3661f9da411: No such file or directory

I suppose if is the permission issue and how can I confirm it?

Are you sure you downloaded the package to /opt/splunk/bin ?
(I would advise against this!)

Please use my suggestion:

   curl -o /tmp/SplunkAppForWazuh.tar.gz https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.2_8.0.0.tar.gz

     /opt/splunk/bin/splunk install app /tmp/SplunkAppForWazuh.tar.gz

Which will download the file to your temp folder, and then use the same path for the install command.

Thanks for your comment.
However, using your suggestion the result is same:

[root@localhost etc]# curl -o /tmp/SplunkAppForWazuh.tar.gz https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.2_8.0.0.tar.gz

  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   243    0   243    0     0    222      0 --:--:--  0:00:01 --:--:--   222

[root@localhost etc]# /opt/splunk/bin/splunk install app /tmp/SplunkAppForWazuh.tar.gz

Error during app install: failed to extract app from /tmp/SplunkAppForWazuh.tar.gz to /opt/splunk/var/run/splunk/bundle_tmp/54753e62ef7cccf6: No such file or directory

Is the pemission issue or the download issue?

I'm starting to think it could be - what are the permissions on /opt/splunk/var/run/splunk/bundle_tmp and who is the splunkd process running as?

Use ps -ef | grep splunkd to see.

[root@localhost etc]# ps -ef | grep splunkd
root       8629   2958  1 04:19 ?        00:02:03 splunkd -p 8089 restart
root       8633   8629  0 04:19 ?        00:00:05 [splunkd pid=8629] splunkd -p 8089 restart [process-runner]
root       8857   8633  0 04:19 ?        00:00:21 /opt/splunk/bin/splunkd instrument-resource-usage -p 8089 --with-kvstore
root      16815   6045  0 07:22 pts/0    00:00:00 grep --color=auto splunkd

are you running /opt/splunk/bin/splunk install app /tmp/SplunkAppForWazuh.tar.gz as root?

Yes, I use both su root and sudo , but all get wrong

you're still missing splunk install app <package>
you need to specify "app" in the command