Installation requirements and version dependencies
To use the Splunk Add-on for Splunk Attack Analyzer, complete the following:
- You must purchase Splunk Attack Analyzer.
- You must use Splunk Enterprise 9.0.x or higher or Splunk Cloud Platform.
Splunk Enterprise installation prerequisite
If you install the Splunk Add-on for Splunk Attack Analyzer on Splunk Enterprise, your user account must have the admin role and the edit_local_app capability. The admin role includes that capability by default.
System requirements
This add-on runs on the Splunk platform. The following system requirements apply for the Splunk software you use to run the Splunk Add-on for Splunk Attack Analyzer.
| Deployment | More information |
|---|---|
| On-premises deployment of Splunk platform | See System requirements for use of Splunk Enterprise on-premises in the Splunk Enterprise Installation Manual. |
| Splunk Cloud Platform | See Where to install Splunk add-ons in the Splunk Supported Add-ons manual. |
Version dependencies
See the following table to ensure you are using the correct combination of the add-on and the Splunk platform:
| Splunk Add-on for Splunk Attack Analyzer version | Splunk platform version |
|---|---|
| 1.0.0 | Splunk Enterprise 9.0.x or higher or Splunk Cloud Platform |