Splunk Enterprise Security

How to install a Splunk app through the Linux terminal?

Rocky31
Path Finder

I am just confused about how to install a Splunk app (truStar) via the terminal. Please don't tell me to download and upload via Splunk Web; maybe a beginner does that, and most organizations use Linux OS. I downloaded the app.tgz file. For a Splunk installation we do get a wget link, right? Then how do we do it for an app?

Thanks, I appreciate it.

0 Karma

PowerPacked
Builder

Hi

Go to the Splunk bin location.

Ex:
1) ./splunk install app foo.tar

2) ./splunk install app https://splunkbase.splunk.com/app/1603/

Thanks

Anonymous
Not applicable

For an app you could just unpack the file and copy the folder to the destination.

Standard Splunk environment:
/opt/splunk/etc/apps

After a
/opt/splunk/bin/splunk restart
the app will be loaded.

0 Karma

Rocky31
Path Finder

OK, I will check and let you know.

0 Karma

Anam
Community Manager

Hi @Rocky31

Looks like you have a few possible solutions to your question. If one of them provided a working solution, please don't forget to click "Accept" below the best answer to resolve this post. If you still need help, please leave a comment.

Thanks!

0 Karma

Rocky31
Path Finder

Yeah, still working on it.

0 Karma

woodcock
Esteemed Legend

My other answer was wrong. Go to the GUI on the search head and click on App:* -> Manage Apps -> Install app from file ...

adonio
Ultra Champion

Untar it and place it in the .../etc/apps/ directory

or as described here:
https://docs.splunk.com/Documentation/Splunk/7.2.5/Admin/Managingappobjects#Manage_apps_and_add-ons_...

Hope it helps
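
An added example, not written by any poster in this thread: shell functions for the manual unpack route described in the answers above, which check the archive's member paths before extracting into etc/apps. The function names are hypothetical, and /opt/splunk as the default SPLUNK_HOME follows the path used in the thread.

```shell
#!/bin/sh
# Added example: vet an app archive, then unpack it into etc/apps.
# Function names are hypothetical; /opt/splunk is the path used in the thread.

# Print the archive's single top-level entry (the app folder name).
# Fails if a member path is absolute, contains "..", or if the archive
# does not unpack into exactly one top-level entry.
app_dir_of() {
    listing=$(tar -tzf "$1") || return 1
    if printf '%s\n' "$listing" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        echo "unsafe member path in $1" >&2
        return 1
    fi
    tops=$(printf '%s\n' "$listing" | sed 's|^\./||' | cut -d/ -f1 |
           grep -v '^$' | sort -u)
    count=$(printf '%s\n' "$tops" | wc -l | tr -d ' ')
    if [ -z "$tops" ] || [ "$count" -ne 1 ]; then
        echo "expected exactly one top-level entry in $1" >&2
        return 1
    fi
    printf '%s\n' "$tops"
}

# Unpack the archive into the apps directory (second argument, defaulting
# to $SPLUNK_HOME/etc/apps) and print the installed path.
# Refuses to overwrite an app folder that already exists.
install_app() {
    apps_dir=${2:-${SPLUNK_HOME:-/opt/splunk}/etc/apps}
    app=$(app_dir_of "$1") || return 1
    if [ -e "$apps_dir/$app" ]; then
        echo "$apps_dir/$app already exists, not overwriting" >&2
        return 1
    fi
    # --no-same-owner: do not restore the archive's owner IDs when run as root.
    tar -xzf "$1" -C "$apps_dir" --no-same-owner || return 1
    printf '%s\n' "$apps_dir/$app"
}

# Usage: install_app app.tgz && /opt/splunk/bin/splunk restart
```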
