All Apps and Add-ons

Is Palo Alto Networks App version 4.2.1 compatible with Splunk 6.3.1?

Path Finder

We are currently running Palo Alto Networks App version 4.2.1 with Splunk 6.2.2.
We are thinking of upgrading to Splunk 6.3.1.
Do we need to upgrade Palo Alto Networks App first?

0 Karma

Splunk Employee
Splunk Employee

Hey @wsnyder2 you do not need to upgrade the Palo Alto App first for it to work with 6.3.1 (provided it was configured properly in your Splunk 6.2 environment) .
That said, with the release of the v.5.0.0 of the Palo Alto Networks for Splunk app there is now an upgrade guide:
Highlights are that there is now a TA (Technology Add-On) bundled with the app - this makes deployment more flexible. That said read the upgrade guide thoroughly as there changes like which index the TA writes to by default (no more "pan_logs" index).
Are you also an Enterprise Security user?

0 Karma


Hello. App version 4.2.1 should work fine with Splunk 6.3.x. However, it hasn't specifically been tested. App version 4.2.2 and 5.0.0 have been fully tested with Splunk 6.3.x.

0 Karma
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!