Splunk Enterprise Security

Command to set up ES 6.0.2 from CLI?

martinnepolean
Explorer

I have the below command to setup ES through CLI but looking only juniper add-on to get install. Please let me know the command for it.

I remember that we have the option to see the essential command arguments from Splunk server.

Please let me know the file which has the command argument details.

/opt/splunk/bin/splunk search '| essinstall --deployment_type

shc_deployer --skip-ta'

 

Tags (2)
0 Karma
1 Solution

richgalloway
SplunkTrust
SplunkTrust
If you have a file with all the details, what more do you need? Try examining the code at $SPLUNK_HOME/etc/apps/SplunkEnterpriseSecurity/bin/essinstall.py
---
If this reply helps you, Karma would be appreciated.

View solution in original post

0 Karma

richgalloway
SplunkTrust
SplunkTrust

You can specify the names of the add-ons to install, skip, or disable on the command line.  See the documentation at https://docs.splunk.com/Documentation/ES/6.2.0/Install/InstallEnterpriseSecurity#Install_Splunk_Ente...

You must know the name(s) of the subdirectories for each add-on.  AFAIK, there is no command to display those names prior to installing ES.

---
If this reply helps you, Karma would be appreciated.
0 Karma

martinnepolean
Explorer

Thanks @ricm , Do you know how can I view the essinstall command parameters? John Welch from splunk support showed me a file  which has all the details about essinstall command

 

0 Karma

richgalloway
SplunkTrust
SplunkTrust
If you have a file with all the details, what more do you need? Try examining the code at $SPLUNK_HOME/etc/apps/SplunkEnterpriseSecurity/bin/essinstall.py
---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...