Verify requirements

Verify the requirements on this page before you download and install the Anvilogic App for Splunk.

Last updated 9 months ago


Supported versions

You can integrate the Anvilogic platform with Splunk Enterprise versions 9.0.x and 8.0 - 8.3.x.

Splunk Enterprise Security (ES) versions 5.0 - 7.0.x are supported.

Where to install the app

Install the Anvilogic App for Splunk on your Splunk search head. The server where you install the Anvilogic App for Splunk must meet the following requirements:

  • The server must be able to connect to https://secure.anvilogic.com over port 443. This is required to download Splunk code and rules metadata.

  • The server must be able to connect to https://eoi-files.anvilogic.com over port 443.

  • The server must be able to connect to https://databus.anvilogic.com over port 443 to send events for third-party vendor alert integrations.

If you have multiple Splunk Enterprise instances, install the Anvilogic App for Splunk in only one of those environments.

Splunk Enterprise deployment considerations

For performance considerations, review the following factors in your Splunk Enterprise deployment:

  • The number of concurrent users.

  • The number of concurrent searches.

  • The types of searches used.

See How concurrent users and searches impact performance in the Splunk Enterprise Capacity Planning Manual.

When you deploy threat identifiers on the Anvilogic platform, saved searches are created in your Splunk deployment. You can use cron scheduler recommendations on the Anvilogic platform to manage the load on your Splunk deployment.

Splunk Enterprise resource and hardware considerations

Resource and hardware considerations for the Anvilogic App for Splunk match the recommendations for your Splunk Enterprise deployment. See Reference hardware in the Splunk Enterprise Capacity Planning Manual.
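
A pre-install check for the three outbound connections over port 443 listed under "Where to install the app", as an added example that is not part of the Anvilogic documentation. It reports whether each endpoint fails at DNS, at the TCP connection, or at the certificate-verified TLS handshake. It assumes the search head connects directly rather than through an HTTP proxy; the function names `target` and `check` are illustrative.

```python
import socket
import ssl
from urllib.parse import urlsplit

# Endpoints and port taken from the requirements on this page.
ENDPOINTS = [
    "https://secure.anvilogic.com",
    "https://eoi-files.anvilogic.com",
    "https://databus.anvilogic.com",
]

def target(url):
    """Return (host, port) for an https URL, defaulting to port 443."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError(f"not an https URL: {url!r}")
    return parts.hostname, parts.port or 443

def check(host, port=443, timeout=5.0, context=None):
    """Try DNS, TCP, then a verified TLS handshake; return (ok, stage, detail)."""
    context = context or ssl.create_default_context()
    try:
        socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return False, "dns", str(exc)
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return False, "tcp", str(exc)  # refused, dropped or filtered in transit
    try:
        with context.wrap_socket(sock, server_hostname=host) as tls:
            return True, "tls", tls.version()
    except (ssl.SSLError, OSError) as exc:
        # Typical cause: an inspecting proxy presenting an untrusted certificate.
        return False, "tls", str(exc)
    finally:
        sock.close()

def main():
    failed = 0
    for url in ENDPOINTS:
        host, port = target(url)
        ok, stage, detail = check(host, port)
        failed += not ok
        print(f"{'OK  ' if ok else 'FAIL'} {host}:{port} stage={stage} {detail}")
    return 1 if failed else 0

if __name__ == "__main__":
    raise SystemExit(main())
```

Run it on the search head as the account that runs Splunk; a non-zero exit status means at least one of the three endpoints is unreachable from that server.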