Part 3 – Installing Apps
Now that we have a working Splunk install, it’s about time we took a look at Splunkbase. Think of Splunkbase as the Splunk App Store.
In this part, we will install the Splunk Add-on for Unix and Linux. This TA (Technology Add-on) will provide us with field extractions for Unix & Linux logs.
- To get started, go ahead and download the app from the following link. You may need to log in first: https://splunkbase.splunk.com/app/833/
- Once downloaded, log in to the Splunk web GUI and select the cog icon next to “Apps” on the home screen.
- Now select “Install app from file”.
- When prompted for the app file, select “Browse”. In the pop-up directory browser, navigate to the downloaded app file. Select “Upload”.
- A restart of Splunk will be required. When prompted, select “Restart Splunk”.
Installing apps from Splunkbase should follow the same process. Have a play and get used to installing apps!
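A pre-upload check for the app file downloaded in the steps above, as an added example that is not part of the original tutorial or Splunk's own tooling. It assumes the package is a gzip-compressed tar archive with a single top-level app directory containing `default/app.conf`; the function names and the sample archives are constructed for illustration.

```python
import io
import tarfile


def inspect_app_package(fileobj):
    """Return findings for a gzip-tar app package; an empty list means nothing was flagged."""
    findings, top_levels, names = [], set(), set()
    with tarfile.open(fileobj=fileobj, mode="r:gz") as tar:
        for member in tar.getmembers():
            parts = [p for p in member.name.split("/") if p not in ("", ".")]
            # Entries that could be written outside the app directory on extraction.
            if member.name.startswith("/") or ".." in parts:
                findings.append(f"path escapes app directory: {member.name}")
                continue
            if member.issym() or member.islnk():
                findings.append(f"link entry: {member.name} -> {member.linkname}")
            elif not (member.isfile() or member.isdir()):
                findings.append(f"special file entry: {member.name}")
            if parts:
                top_levels.add(parts[0])
                names.add("/".join(parts))
    # Assumed layout: exactly one top-level directory holding default/app.conf.
    if len(top_levels) != 1:
        findings.append(f"expected one top-level directory, found {sorted(top_levels)}")
    elif f"{next(iter(top_levels))}/default/app.conf" not in names:
        findings.append("missing default/app.conf")
    return findings


def build_sample(entries):
    """Build a constructed in-memory .tgz from (name, content, linkname) tuples."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, content, linkname in entries:
            info = tarfile.TarInfo(name)
            if linkname:
                info.type, info.linkname = tarfile.SYMTYPE, linkname
                tar.addfile(info)
            else:
                info.size = len(content)
                tar.addfile(info, io.BytesIO(content))
    buf.seek(0)
    return buf


if __name__ == "__main__":
    # Constructed sample standing in for a downloaded app file.
    sample = build_sample([("Splunk_TA_nix/default/app.conf", b"[install]\n", None)])
    print(inspect_app_package(sample))
```

To check a real download, open the file in binary mode and pass the file object to `inspect_app_package` before selecting “Upload”.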