Verify requirements
Verify the requirements on this page before you download and install the Anvilogic App for Splunk.
Last updated
Was this helpful?
Verify the requirements on this page before you download and install the Anvilogic App for Splunk.
Last updated
Was this helpful?
You can integrate the Anvilogic platform with Splunk Enterprise versions 9.0.x and 8.0 - 8.3.x.
Splunk Enterprise Security (ES) versions 5.0 - 7.0.x are supported.
Install the Anvilgic App for Splunk on your Splunk search head. The server where you install the Anvilogic App for Splunk must meet the following requirements:
The server must be able to connect to over port 443. This is required to download Splunk code and rules metadata.
The server must be able to connect to over port 443.
The server must be able to connect to over port 443 to send events for third party vendor alert integrations.
If you have multiple Splunk Enterprise instances, install the Anvilogic App for Splunk in only one of those environments.
For performance considerations, review the following factors in your Splunk Enterprise deployment:
The number of concurrent users.
The number of concurrent searches.
The types of searches used.
When you deploy threat identifiers on the Anvilogic platform, saved searches are created in your Splunk deployment. You can use cron scheduler recommendations on the Anvilogic platform to manage the load on your Splunk deployment.
Last updated 1 month ago
See in the Splunk Enterprise Capacity Planning Manual.
Resource and hardware considerations for the Anvilogic App for Splunk match the recommendations for your Splunk Enterprise deployment. See in the Splunk Enterprise Capacity Planning Manual.