All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Removing the Splunk Stream app

pil321
Communicator
‎07-19-2017 04:54 AM

When I try to remove Splunk Stream (delete the 'Splunk_TA_stream' directory from /opt/splunk/etc/apps - restart splunk), the directory reappears when I restart Splunk (?)

Is there a way to permanently delete it?

0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎06-27-2018 05:55 AM

The Splunk Stream app is in two directories, splunk_app_stream and Splunk_TA_stream. Both must be removed to uninstall the app.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

sbbadri
Motivator
‎07-19-2017 07:01 AM

If you are using Deployment server to push Splunk_TA_stream to splunk UF
GO to Deployment server
1) Delete app from $SPLUNK_HOME$/etc/deployment-apps
2) Delete corresponding app class configuration from $SPLUNK_HOME/etc/system/local/serverclass.conf
3) Restart splunk

if you are using deployer to push Splunk_TA_stream to Splunk Search Heads
Go to Deployer
1) Delete app from $SPLUNK_HOME$/etc/shcluster/apps/
2) $SPLUNK_HOME/bin apply shcluster-bundle -target https://:8089 -preserve-lookups true

0 Karma
Reply

pil321
Communicator
‎07-19-2017 07:21 AM

Not using a deployment server or deployer - it was installed directly on a single instance.

0 Karma
Reply

sbbadri
Motivator
‎07-19-2017 07:33 AM

ah okay. Then try removing user specific directories created for that app.

Remove app

  $SPLUNK_HOME/bin/splunk remove app [appname] -auth <username>:<password>

Remove user-specific directories created for your app or add-on by deleting the files found here:

   $SPLUNK_HOME/etc/users/*/<appname>

Restart Splunk

0 Karma
Reply

pil321
Communicator
‎07-19-2017 07:57 AM

Thanks for the reply's, This is one tough app!

I did what sbbadri suggested, but once the app is removed and the user-specific directories are removed when Splunk is restarted, it's back again!

0 Karma
Reply
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...