I have recently deployed Splunk Enterprise Security (ES) on one of our Search Heads. While installing, it could not proceed, since I had two add-ons already installed (Splunk Add-on for Microsoft Windows and Splunk Add-on for Tenable) using my deployment server. I removed those add-ons from the deployment server and I was able to install ES. Now, one section in ES documentation says, "Deploy add-ons included with Splunk Enterprise Security": http://docs.splunk.com/Documentation/ES/4.7.2/Install/InstallTechnologyAdd-ons
Now my question is, how should i deploy these add-ons to my forwarders? Shall i use deployment server to deploy them? Or it conflicts with ES? I am confused.
Regards
Shubham
... View more