Splunk Enterprise Security

Unable to install PhishTank app in Splunk ES

venkatesh_gopal
New Member

Hi Nimish Doshi,

We are unable to install the phish tank app in our splunk instance. We reached to our support team and seems that the requested app isn't compatible with the version of splunk running on the splunk cloud instance. (Our version - 7.0.2.1) Splunk Vendor recommended reaching out to the Apps developer in order to have them update the compatibility of the app.

Is there anything that you could help us on this? Any suggestions on how we proceed further in installing the app with the current version? Or Splunk version needs to be upgraded or phishtank available with compatability?

0 Karma
1 Solution

lacastillo
Path Finder

The Splunk Cloud app team has a strict set of guidelines that they must adhere to when installing apps in order to ensure that all Splunk Cloud instances maintain their security. If they're saying that the app isn't compatible, it's probably because the app is currently vulnerable to exploitation in some way.

Basically, the app must be updated to meet all cloud standards before they can safely install it on your instance. They probably sent you an email containing a list of incompatibilities that the developer needs to address and unless these issues are fixed the app will not be installed.

Once the issues are fixed Splunk will re-evaluate the app for compatibility and as long as all their tests come back clean they should get it installed for you relatively quick.

I wish I had better news for you. 😞

View solution in original post

0 Karma

lacastillo
Path Finder

The Splunk Cloud app team has a strict set of guidelines that they must adhere to when installing apps in order to ensure that all Splunk Cloud instances maintain their security. If they're saying that the app isn't compatible, it's probably because the app is currently vulnerable to exploitation in some way.

Basically, the app must be updated to meet all cloud standards before they can safely install it on your instance. They probably sent you an email containing a list of incompatibilities that the developer needs to address and unless these issues are fixed the app will not be installed.

Once the issues are fixed Splunk will re-evaluate the app for compatibility and as long as all their tests come back clean they should get it installed for you relatively quick.

I wish I had better news for you. 😞

0 Karma

venkatesh_gopal
New Member

Hi Lacastillo,

Thank you very much for the response. We didnt get any email about the list of incompatibilities that the app developer needs to be addressed. I will followup with your team again on this.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...