Splunk Enterprise Security
Highlighted

Many new apps in Enterprise Security - can I disable them?

Builder

I upgraded to the latest version of Enterprise Security (v6.0) and it installed many new apps and add-ons for systems/applications/sources that we don't have including:

  • Splunk Add-on for AirDefense
  • Splunk Add-on for CEF
  • Splunk Add-on for Juniper
  • Splunk Add-on for RSA
  • and many more...

My question is, can I disable the apps/add-ons that I don't need or will this adversely affect ES? Also, after disabling the app, how can I fully delete it so that it no longer appears in the apps list (I like to run lean and prefer not to have unused software installed).

Thanks!

0 Karma
Highlighted

Re: Many new apps in Enterprise Security - can I disable them?

Splunk Employee
Splunk Employee

Hi,

You can disable the ones that begin with TA- or SplunkTA. Deleting them is an option as well, if you like, delete the folders from filesystem.

View solution in original post

Highlighted

Re: Many new apps in Enterprise Security - can I disable them?

Builder

Ok and how about the ones that begin with "Splunk Add-on for ...".

All of the apps that I'd like to disable begin with Splunk Add-on...

Thanks

0 Karma
Highlighted

Re: Many new apps in Enterprise Security - can I disable them?

Builder

I see the TA- and Splunk_TA now... those are the folder names. Thanks again!

0 Karma