Splunk Enterprise Security

What are best practices to install Splunk & Splunk App for Enterprise Security on Windows or Linux?

New Member


I would like to know what are the steps to install and deploy Splunk & the Splunk App for Enterprise Security to avoid performance problems?

Any help, please?


0 Karma

Splunk Employee


You should take care of:

  • Design your indexes to optimize the searches (do not mix huge proxy logs with small IDS logs, for example).
  • Retention policy, in order to make sure that relevant data will be on fast disks.
  • Have multiple indexers rather than one big box.
  • Dedicate a Search Head to ES (if other apps will be used).
  • Tune data model acceleration based on your needs and data.
0 Karma
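
The index, retention and acceleration points from the answer above, as an added configuration sketch that is not part of the original post or Splunk's shipped configuration. The index names, paths, sizes and retention periods are constructed assumptions; the setting names are standard `indexes.conf` and `datamodels.conf` keys, and `Web` and `Intrusion_Detection` are CIM data models.

```ini
# indexes.conf on the indexers (constructed values, adjust to your own sizing)

# Declare fast and slow storage as volumes so hot/warm and cold buckets
# land on different disks and each tier has a hard size ceiling.
[volume:fast]
path = /mnt/ssd/splunk
maxVolumeDataSizeMB = 900000

[volume:slow]
path = /mnt/hdd/splunk
maxVolumeDataSizeMB = 8000000

# High-volume proxy logs: own index, short retention (90 days).
# homePath.maxDataSizeMB caps how much of the fast tier this index may use;
# beyond it, warm buckets roll to cold on the slow volume.
[proxy]
homePath = volume:fast/proxy/db
coldPath = volume:slow/proxy/colddb
thawedPath = $SPLUNK_DB/proxy/thaweddb
homePath.maxDataSizeMB = 400000
frozenTimePeriodInSecs = 7776000

# Low-volume IDS events: separate index so searches do not scan proxy
# buckets, and a longer retention (365 days) that costs little disk.
[ids]
homePath = volume:fast/ids/db
coldPath = volume:slow/ids/colddb
thawedPath = $SPLUNK_DB/ids/thaweddb
homePath.maxDataSizeMB = 50000
frozenTimePeriodInSecs = 31536000

# datamodels.conf on the search head that runs ES
# Keep the acceleration window only as long as the searches that use it:
# a short range for the bulky proxy data, a longer one for the small IDS data.
[Web]
acceleration = true
acceleration.earliest_time = -7d

[Intrusion_Detection]
acceleration = true
acceleration.earliest_time = -1mon
```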