All Apps and Add-ons

Is Palo Alto Networks App version 4.2.1 compatible with Splunk 6.3.1?

Path Finder

We are currently running Palo Alto Networks App version 4.2.1 with Splunk 6.2.2.
We are thinking of upgrading to Splunk 6.3.1.
Do we need to upgrade Palo Alto Networks App first?

0 Karma

Splunk Employee
Splunk Employee

Hey @wsnyder2 you do not need to upgrade the Palo Alto App first for it to work with 6.3.1 (provided it was configured properly in your Splunk 6.2 environment) .
That said, with the release of the v.5.0.0 of the Palo Alto Networks for Splunk app there is now an upgrade guide:
Highlights are that there is now a TA (Technology Add-On) bundled with the app - this makes deployment more flexible. That said read the upgrade guide thoroughly as there changes like which index the TA writes to by default (no more "pan_logs" index).
Are you also an Enterprise Security user?

0 Karma


Hello. App version 4.2.1 should work fine with Splunk 6.3.x. However, it hasn't specifically been tested. App version 4.2.2 and 5.0.0 have been fully tested with Splunk 6.3.x.

0 Karma
Get Updates on the Splunk Community!

Splunk Lantern | Spotlight on Security: Adoption Motions, War Stories, and More

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Cloud | Empowering Splunk Administrators with Admin Config Service (ACS)

Greetings, Splunk Cloud Admins and Splunk enthusiasts! The Admin Configuration Service (ACS) team is excited ...

Tech Talk | One Log to Rule Them All

One log to rule them all: how you can centralize your troubleshooting with Splunk logs We know how important ...