Are you a member of the Splunk Community?
- Find Answers
- :
- Premium Solutions
- :
- Splunk Enterprise Security
- :
- Re: About Updating Splunk Apps
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have some doubts about Updating Splunk Apps.
1. The Splunk Apps that comes pre-built/packed with Enterprise Security such as Extreme Search, RapidDiag, Splunk AddOn for UEBA etc.... Do they automatically get updated to newer version. Also I can't find them on Splunkbase.
2. The apps that come packaged with Splunk , do they show like regular apps when searched under the 'Manage App' option? Is there any way by looking at it to know, if the app is built into Splunk Or downloaded separately from Splunkbase Or developed by in-house team ?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Extreme Search was deprecated some time ago. After upgrading Enterprise Security do you follow through the Set Up part of it? You can get to it through
(Your Splunk website)/en-US/app/SplunkEnterpriseSecuritySuite/ess_setup?action=edit
This automatically removes deprecated apps and installs the new versions of included apps.
Splunk Rapid Diag is an app that's pre-installed with Splunk.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
1. Yes those apps that come with Splunk Enterprise Security will be updated after you install a new version of Enterprise Security and then run through the Configuration pages.
2. Yes. Your best bet to find out if an app is built into Splunk by looking at the Version number. The Version number is the same as the version number of your Splunk Enterprise installation.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks @Stefanie for the response.
Splunk_RapidDiag and Extreme Search are built into Splunk. But when I see my Splunk Enterprise version it is 8.1.4, but RapidDiag and Extreme Search has version 1.4.0 and 2.4.4 respectively.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Extreme Search was deprecated some time ago. After upgrading Enterprise Security do you follow through the Set Up part of it? You can get to it through
(Your Splunk website)/en-US/app/SplunkEnterpriseSecuritySuite/ess_setup?action=edit
This automatically removes deprecated apps and installs the new versions of included apps.
Splunk Rapid Diag is an app that's pre-installed with Splunk.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@Stefanie Would you happen to know if "Splunk Add-on for UEBA " app comes pre-installed with Splunk and whether it is active or deprecated ?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It is active.
How do I obtain the Splunk Add-on for Splunk UBA?
The Splunk Add-on for UBA is not available for download on Splunkbase. The add-on is installed by default with Splunk Enterprise Security (ES). If you find that the Splunk Add-on for UBA is not installed, run the Splunk Enterprise Security Post-Install Configuration again and ensure that Splunk_TA_ueba is selected for installation. See Install Splunk Enterprise Security in the Splunk Enterprise Security Installation and Upgrade manual.
Calling All Security Pros: Ready to Race Through Boston?
Beyond Detection: How Splunk and Cisco Integrated Security Platforms Transform ...
Customer success is front and center at .conf25
