Solved: Can I install Extreme Search without Splunk Enterp...

noybin · ‎11-14-2016

Can I install and use Extreme Search without Enterprise Seurity?

If yes, where should be installed (Search Head, Indexers)?

Any recommendations to consider?

Thank you very much.

ChrisG · ‎11-16-2016

It is part of Splunk Enterprise Security now, as you mentioned. So I guess the answer to your question is really "no, you can't use extreme search without Enterprise Security." 😕

View solution in original post

jdeer0618 · ‎12-09-2016

Can't hurt to ask your sales rep or SE if you have one. They might be able to hook you up with Extreme Search as a standalone app.

ChrisG · ‎11-16-2016

It is part of Splunk Enterprise Security now, as you mentioned. So I guess the answer to your question is really "no, you can't use extreme search without Enterprise Security." 😕

noybin · ‎11-16-2016

So What about the comment from the Extreme Search Visualization app that says:
"It is not necessary to use the XSV app or the Splunk App for Enterprise Security to use Extreme Search. Since Extreme Search is implemented as a set of extensions to Splunk's search language, it is available to any Splunk app."?

starcher · ‎12-11-2016

If you are an ES customer or can get your rep to provide XS you can install it. There is no actual dependance from an install standpoint on ES. Many ES customers use it on other search heads once they have it via their ES license.

ChrisG · ‎11-16-2016

I think that comment is outdated? It used to be true and it no longer is. Scianta's web site says "Extreme Search for Splunk is now owned and supported by Splunk Inc. It currently ships as part of the Splunk App for Enterprise Security."

gjanders · ‎11-16-2016

The application still has python files and the various commands such as xsvcreateconcept so I thought it would work. I have not tested it yet though...

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud

gjanders · ‎11-14-2016

As per the Extreme Search Visualisation page

It is not necessary to use the XSV app
or the Splunk App for Enterprise
Security to use Extreme Search. Since
Extreme Search is implemented as a set
of extensions to Splunk's search
language, it is available to any
Splunk app.

Just install the application on your search head,

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud

noybin · ‎11-16-2016

Thank you!

ChrisG · ‎11-16-2016

That is just the visualization support. Extreme Search itself is no longer available as a separate app.

noybin · ‎11-16-2016

So how can I use Extreme search then?

Can I install Extreme Search without Splunk Enterprise Security?

How to Monitor Google Kubernetes Engine (GKE)

Index This | How can you make 45 using only 4?

Splunk Education Goes to Washington | Splunk GovSummit 2024