This guide does not cover the step by step details for deploying forwarders and getting data in but allows you to see the flow and process of getting each dashboard to light up.
What is the Essential 8 link
Process To deploy the Essential 8 Add-On for Splunk and Essential 8 App For Splunk there are some steps that need to be followed. We will cover most but not all components.
App / Add-On Dependencies
Single Instance All add-ons are supported in a single-instance Splunk Enterprise deployment.
Follow these steps to install each app in a single-instance deployment.
Distributed Instance
For an overview on how to install an add-on or app in a distributed environment please see the following link.
link
Where to install these add-ons
App Name | Indexer | Search Head | Heavy Forwarder | Universal Forwarder |
---|---|---|---|---|
Essential 8 App for Splunk | X | |||
Essential 8 Add-On for Splunk | X | X | X | |
Splunk Common Information Model | X |
Note: Heavy forwarder required if used as an interim forwarder.
Full wiki details link
App inspect for 8.x
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.