All Apps and Add-ons

Is Palo Alto Networks App version 4.2.1 compatible with Splunk 6.3.1?

Path Finder

We are currently running Palo Alto Networks App version 4.2.1 with Splunk 6.2.2.
We are thinking of upgrading to Splunk 6.3.1.
Do we need to upgrade Palo Alto Networks App first?

0 Karma

Splunk Employee
Splunk Employee

Hey @wsnyder2 you do not need to upgrade the Palo Alto App first for it to work with 6.3.1 (provided it was configured properly in your Splunk 6.2 environment) .
That said, with the release of the v.5.0.0 of the Palo Alto Networks for Splunk app there is now an upgrade guide:
Highlights are that there is now a TA (Technology Add-On) bundled with the app - this makes deployment more flexible. That said read the upgrade guide thoroughly as there changes like which index the TA writes to by default (no more "pan_logs" index).
Are you also an Enterprise Security user?

0 Karma


Hello. App version 4.2.1 should work fine with Splunk 6.3.x. However, it hasn't specifically been tested. App version 4.2.2 and 5.0.0 have been fully tested with Splunk 6.3.x.

0 Karma
Get Updates on the Splunk Community!

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Hello everyone! Don't wait to submit - The deadline is August 12th! We have truly missed the community so ...

Ready, Set, SOAR: How Utility Apps Can Up Level Your Playbooks!

 WATCH NOW Powering your capabilities has never been so easy with ready-made Splunk® SOAR Utility Apps. Parse ...

DevSecOps: Why You Should Care and How To Get Started

 WATCH NOW In this Tech Talk we will talk about what people mean by DevSecOps and deep dive into the different ...