Install Splunk Enterprise Security in a Splunk POD cluster

Installing Splunk Enterprise Security in a Splunk POD cluster improves performance due to a Kubernetes-based scheduling strategy, a unified installation process, and tiered storage management.

Planning to install Splunk Enterprise Security in a Splunk POD cluster

You have three sizing options to install Splunk Enterprise Security on Splunk POD for small, medium, and large deployments. For more information, see the detailed sizing profiles in POD sizing guidelines in the Splunk POD guide.

You must also ensure that you meet specific operating system, hardware, network, and storage requirements for the Splunk POD infrastructure. For more information, see Splunk POD requirements in the Splunk POD guide.

Deploy and manage a Splunk POD cluster

Deploy Splunk POD using the Kubernetes installer for Splunk POD. For more information, see Deploy Splunk POD in the Splunk POD guide.

Use the Kubernetes Installer for Splunk POD to manage your cluster. You can get credentials, access live network connections, install and update apps such as Splunk Enterprise Security (ES), and so on. For more information on managing a Splunk POD cluster, see Manage Splunk POD in the Splunk POD guide.

Install Splunk ES in a Splunk POD cluster

To install Splunk ES into a Splunk POD cluster, you must update the static cluster configuration YAML file. For more information, see Install Splunk ES in the Splunk POD guide.

For information on performance optimization when installing Splunk ES in a Splunk POD cluster, see Performance reference for Splunk Enterprise Security .