Knowledge Management
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How do I find a list of Built-in (pre-installed) Apps & Add-ons that come with Splunk Ent. & Splunk ES

SamHTexas
Builder
‎07-09-2021 07:52 AM

Please help me find a list of pre-installed Apps & TAs that come with Splunk Enterprise & Splunk ES. Thank u in advance.

Labels (1)
Labels
Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎07-09-2021 10:34 AM

I'm not aware of any documented list, but you can get a list of built-in Splunk apps with this query.

| rest /services/apps/local splunk_server=local | search core=1 | table title

There's a similar query for ES, but it's not as clean.  This one looks for apps with the version string as ES, which isn't foolproof.

| rest /services/apps/local splunk_server=local 
| search version="6.2.0" ```Change to your ES version```
| table title

Also, you can install a new Splunk instance and examine what's in $SPLUNK_HOME/etc/apps.

Do the same with ES.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

Reply
Solved! Jump to solution
Solution

richgalloway
SplunkTrust
SplunkTrust
‎07-09-2021 10:34 AM

I'm not aware of any documented list, but you can get a list of built-in Splunk apps with this query.

| rest /services/apps/local splunk_server=local | search core=1 | table title

There's a similar query for ES, but it's not as clean.  This one looks for apps with the version string as ES, which isn't foolproof.

| rest /services/apps/local splunk_server=local 
| search version="6.2.0" ```Change to your ES version```
| table title

Also, you can install a new Splunk instance and examine what's in $SPLUNK_HOME/etc/apps.

Do the same with ES.

---
If this reply helps you, Karma would be appreciated.
Reply
Solved! Jump to solution

SamHTexas
Builder
‎07-09-2021 12:14 PM

One question sir, to update Apps on Splunk Ent / ES do I just download the new version & install it on the top of the old one? Thank u sir & have a super weekend.

Tags (1)
0 Karma
Reply
Solved! Jump to solution

richgalloway
SplunkTrust
SplunkTrust
‎07-09-2021 12:36 PM

There are several ways to update an app.  Choose the one appropriate for the app/TA and the Splunk instance.  Some apps have installation instructions so be sure to follow them.

  • Click the "Update" link on the Manage Apps screen.
  • Download the app from splunkbase then go to Manage Apps and click Install App from File.  Be sure to check the "Upgrade" box.
  • Download the app from splunkbase and untar it in $SPLUNK_HOME/etc/apps and restart the instance.
  • Download the app from splunkbase and untar it on the SHC deployer and apply the shbundle.
  • Download the app from splunkbase and untar it on the CM and apply the bundle.
  • Download the app from splunkbase and untar it on the deployment server.

 

---
If this reply helps you, Karma would be appreciated.
Reply
Solved! Jump to solution

SamHTexas
Builder
‎07-09-2021 01:22 PM

Thank u very much. You are an asset to this site as always. I have learned plenty from you sir.

Tags (1)
Reply
Solved! Jump to solution

SamHTexas
Builder
‎07-09-2021 11:04 AM

Thank u very much bro. When searching for Apps, do the SPLs you listed print the list of TAs as well? If not is there separate SPL for TAs?

Tags (1)
0 Karma
Reply
Solved! Jump to solution

richgalloway
SplunkTrust
SplunkTrust
‎07-09-2021 12:30 PM

TAs are apps and will show up in the same SPL results.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...