Splunk Enterprise Security

Is it possible to install Splunk Security Enterprise 6.4.0 on Windows?

gl_splunkuser
Path Finder

Hello everyone. 

Currently I have a cluster architecture of Splunk Enterprise 8.0.7. 

  • SH cluster + Indexer Cluster + Master Node + Deployer, all of them in Windows.

Now I have to deploy Splunk Security over that architecture.

Is that possible?

Thanks in advance.

 

0 Karma
1 Solution

gl_splunkuser
Path Finder

Thanks for your answer @richgalloway 

So, Can I have a SH as a standalone and install in that search head the App, and connect the SH standalone with the indexer cluster?

Thanks in advance

View solution in original post

0 Karma

gl_splunkuser
Path Finder

Thanks for your answer @richgalloway 

So, Can I have a SH as a standalone and install in that search head the App, and connect the SH standalone with the indexer cluster?

Thanks in advance

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Yes, you can run ES on a standalone Windows SH connected to an indexer cluster, although I think you'll be happier running ES on Linux.

---
If this reply helps you, Karma would be appreciated.

gl_splunkuser
Path Finder

Thank you for the useful help @richgalloway 

Yes, I know in linux works much better, but for now that's what I have...

Thanks again. 

0 Karma

richgalloway
SplunkTrust
SplunkTrust

Windows SHCs are not supported.  See https://docs.splunk.com/Documentation/ES/6.4.0/Install/InstallEnterpriseSecuritySHC#Prerequisites_fo...

---
If this reply helps you, Karma would be appreciated.
Get Updates on the Splunk Community!

Thanks for the Memories! Splunk University, .conf24, and Community Connections

Thank you to everyone in the Splunk Community who joined us for .conf24 – starting with Splunk University and ...

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...