Components

Note: Third party names, logos, marks, and general references used in these materials are the property of their respective owners or their affiliates in the United States and/or other countries. Inclusion of such references are for informational purposes only and are not intended to promote or otherwise suggest a relationship between Splunk AppDynamics and the third party.

The Virtual Appliance comprises following components:


Component	Description
OS	Based on Ubuntu 24-04-lts Virtual Appliance deployments on AWS use Cisco Secured Linux (CSL), which provides a CIS Level 2 compliant Ubuntu environment.
MicroK8s (Version 1.30)	Microk8s is a lightweight CNCF certified Kubernetes (k8s) distribution. Microk8s has been hardened to meet CIS k8s Benchmark v1.6.0. It offers a secure simple programmable process to bring up a k8s cluster. Splunk AppDynamics Virtual Appliance supports your own Kubernetes cluster to install VA services. For more information, see Install Virtual Appliance on Your Own Kubernetes Cluster.
Infrastructure Services	Splunk AppDynamics Services use the required infrastructure components such as, MySQL, Ingress controller, Elasticsearch, Kafka, PostgreSQL and so on.
Splunk AppDynamics Services	Splunk AppDynamics components such as, Controller, EUM, and Events service. To determine the component versions packaged with the Virtual Appliance, seeVirtual Appliance Package Contents.

Default Kubernetes Cluster: Virtual Appliance services are deployed on the Kubernetes Cluster that is bundled in the package.
Custom Kuberenetes Cluster: Virtual Appliance services are deployed on the custom Kubernetes Cluster. See, Install Virtual Appliance on Your Own Kubernetes Cluster

Hardening CSL for Kubernetes

The Virtual Appliance for AWS and VMware is built upon the Cisco Secured Linux (CSL) OS, which adheres to Center for Internet Security (CIS) Level 2 hardening standards. However, to accommodate the specific operational needs of AppDynamics services within a Kubernetes environment, certain adjustments are made to the original CSL OS baseline. For more information, download CIS Ubuntu Linux 24.04 LTS benchmark.

CSL OS Baseline Deviations:

overlayfs - While CIS guidelines recommend disabling the overlayfs module, it remains enabled to ensure proper functionality for Docker and Kubernetes.
No Disk Partitions - CIS guidelines recommend separating the root (/) and /home partitions. The Virtual Appliance configuration maintains both within the same root partition to support standard deployment requirements.
IP Forwarding is Enabled - Although CIS guidelines recommend disabling IP forwarding, it is enabled to support essential network functions within the Kubernetes cluster.

AppDynamics On-Premises

Components

Hardening CSL for Kubernetes

ON THIS PAGE

Splunk Enterprise

Splunk Cloud Platform

Splunkbase

Enterprise Security

SOAR

IT Service Intelligence

Content Packs

Splunk Observability Cloud

AppDynamics SaaS

AppDynamics On-Premises

Virtual Appliance (Self-Hosted)

Developer Documentation

Splunkbase

Splunk Enterprise

Splunk Cloud Platform

Splunkbase

DATA MANAGEMENT

SEARCH AND ANALYTICS

ADMINISTRATION

Enterprise Security

SOAR

ENTERPRISE SECURITY

SOAR

RELATED APPS

IT Service Intelligence

Content Packs

ITSI

IT Ops

ADMINISTRATION

EXTENSIONS

Splunk Observability Cloud

MONITORING

DATA MANAGEMENT

ADMINISTRATION

AppDynamics SaaS

AppDynamics On-Premises

Virtual Appliance (Self-Hosted)

ESSENTIALS

MONITORING

ADMINISTRATION

Developer Documentation

Splunkbase

PLATFORM

OBSERVABILITY

REFERENCE

Resources

REFERENCE

Learn More

Support

Components

Hardening CSL for Kubernetes