Hello,

Thank you so much for your reply. I went through before reaching out to SPLUNK community. Now went through in detail. My one question, in the instructions, they mentioned on web form and select Install app from file. Is there any ways I can install the CyberArk TA from the CLI interface. I already downloaded the TA. Any help will be highly appreciated. Thank you.

Yes, you can install the TA from the CLI.  Just about any app can be installed that way.

In this case, just expand the downloaded file (it should be a compressed tarball) into the $SPLUNK_HOME/etc/apps directory.  Then restart Splunk.

Hello,

Yes,  I installed and SPLUNK is getting events from that. Is there any documentations on CyberArk TA, I looked at the SPLUNK side, but couldn't find any. Your help will be highly appreciated, thank you! 

The link in my first reply will take you to the complete documentation for the TA.

Hello,

Thank you so much again. That takes me  to the complete documentation for the TA in general. But do we have anything specific on CyberArk TA like any SOP (operational procedure) on it. Thank you!

The link (https://docs.splunk.com/Documentation/AddOns/released/CyberArk/Installation) is specific to the CyberArk TA.  That is all the TA-specific documentation I am aware of.

What question are you trying to answer?

Hello,

It says "

"

I  installed it on  a machine where UF installed on it. Do I still need to install it on SH, it says it is required. Thank you so much again.