Splunk Enterprise Security

Unable to install PhishTank app in Splunk ES

venkatesh_gopal
New Member

Hi Nimish Doshi,

We are unable to install the phish tank app in our splunk instance. We reached to our support team and seems that the requested app isn't compatible with the version of splunk running on the splunk cloud instance. (Our version - 7.0.2.1) Splunk Vendor recommended reaching out to the Apps developer in order to have them update the compatibility of the app.

Is there anything that you could help us on this? Any suggestions on how we proceed further in installing the app with the current version? Or Splunk version needs to be upgraded or phishtank available with compatability?

0 Karma
1 Solution

lacastillo
Path Finder

The Splunk Cloud app team has a strict set of guidelines that they must adhere to when installing apps in order to ensure that all Splunk Cloud instances maintain their security. If they're saying that the app isn't compatible, it's probably because the app is currently vulnerable to exploitation in some way.

Basically, the app must be updated to meet all cloud standards before they can safely install it on your instance. They probably sent you an email containing a list of incompatibilities that the developer needs to address and unless these issues are fixed the app will not be installed.

Once the issues are fixed Splunk will re-evaluate the app for compatibility and as long as all their tests come back clean they should get it installed for you relatively quick.

I wish I had better news for you. 😞

View solution in original post

0 Karma

lacastillo
Path Finder

The Splunk Cloud app team has a strict set of guidelines that they must adhere to when installing apps in order to ensure that all Splunk Cloud instances maintain their security. If they're saying that the app isn't compatible, it's probably because the app is currently vulnerable to exploitation in some way.

Basically, the app must be updated to meet all cloud standards before they can safely install it on your instance. They probably sent you an email containing a list of incompatibilities that the developer needs to address and unless these issues are fixed the app will not be installed.

Once the issues are fixed Splunk will re-evaluate the app for compatibility and as long as all their tests come back clean they should get it installed for you relatively quick.

I wish I had better news for you. 😞

0 Karma

venkatesh_gopal
New Member

Hi Lacastillo,

Thank you very much for the response. We didnt get any email about the list of incompatibilities that the app developer needs to be addressed. I will followup with your team again on this.

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...