Splunk Enterprise

Splunk App for Windows Infrastructure (Upgrade or New Installation)

SirDrake7
Explorer

Our Splunk environment appears to have been installed with the basic installation and just handed over to our development staff, who have done some amazing things with it for our application monitoring and such.  I recently noticed this and have upgraded it from 7.1 to 7.3 Enterprise and then to 8.1 Enterprise.  I also went in and upgraded the majority of the applications ensuring that I keep the majority on the app version that supported both 7.x and the new 8.x.  Our Splunk App for Windows Infrastructure is currently version 4.8.4 and research is telling me to upgrade to version 5.0 prior to moving on to version 7.  That is where my question comes in:

If I open up the app - it's at the Setup stage, meaning it docent even appear to have been installed.  If that is the case can I not just delete the version 4.8.4, and go directly to version 7 and set that up?  Or should I go to 5.0 and then up to make sure?  Is there anyway to verify?  Thanks for any advice - we are just a small shop (which may be why it was setup as it was), so starting fresh with a new install would be easier for me to understand but I don't want to take a short cut either and get burt.   

Setup the Splunk App for Windows Infrastructure

Prerequisites - Requirements for the app
Check Data - Verify data is coming into Splunk
Customize Features - Detect and choose which features to use

 

 

Splunk v7.2.0+

OK: Splunk v8.1.0 detected

OK: Key value store is enabled. Learn more.

 

 

Splunk Add-on for Microsoft Windows v7.0.0

Update required: v4.8.4 installed. It does not match with v7.0.0

 

Splunk Supporting Add-on for Microsoft Windows Active Directory v3.0.1

OK: Splunk Supporting Add-on for Microsoft Windows Active Directory v3.0.1 detected

 

Labels (1)
0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...