Splunk Enterprise Security

Is it possible to install Splunk Security Enterprise 6.4.0 on Windows?

gl_splunkuser
Path Finder

Hello everyone. 

Currently I have a cluster architecture of Splunk Enterprise 8.0.7. 

  • SH cluster + Indexer Cluster + Master Node + Deployer, all of them in Windows.

Now I have to deploy Splunk Security over that architecture.

Is that possible?

Thanks in advance.

 

0 Karma
1 Solution

gl_splunkuser
Path Finder

Thanks for your answer @richgalloway 

So, Can I have a SH as a standalone and install in that search head the App, and connect the SH standalone with the indexer cluster?

Thanks in advance

View solution in original post

0 Karma

gl_splunkuser
Path Finder

Thanks for your answer @richgalloway 

So, Can I have a SH as a standalone and install in that search head the App, and connect the SH standalone with the indexer cluster?

Thanks in advance

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Yes, you can run ES on a standalone Windows SH connected to an indexer cluster, although I think you'll be happier running ES on Linux.

---
If this reply helps you, Karma would be appreciated.

gl_splunkuser
Path Finder

Thank you for the useful help @richgalloway 

Yes, I know in linux works much better, but for now that's what I have...

Thanks again. 

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Windows SHCs are not supported.  See https://docs.splunk.com/Documentation/ES/6.4.0/Install/InstallEnterpriseSecuritySHC#Prerequisites_fo...

---
If this reply helps you, Karma would be appreciated.
Get Updates on the Splunk Community!

Using Machine Learning for Hunting Security Threats

WATCH NOW Seeing the exponential hike in global cyber threat spectrum, organizations are now striving more for ...

New Learning Videos on Topics Most Requested by You! Plus This Month’s New Splunk ...

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

How I Instrumented a Rust Application Without Knowing Rust

As a technical writer, I often have to edit or create code snippets for Splunk's distributions of ...