Solved: Splunk enterprise default apps in etc apps

sonny_monti · ‎05-17-2019

Dear Splunk community,

I searched for a list of default apps that ships with the enterprise package, but there is not a list of them.
such as:
- alert_logevent
- alert_webhook
- appsbrowser
- framework
- gettingstarted
- introspection_generator_addon
- launcher
- learned
- legacy
- sample_app
- search
- Splunkforwarder
- SplunkLightForwarder
- splunk_gdi
- splunk_httpinput
- splunk_instrumentation
- splunk_monitoring_console
- user-prefs

These are the ones that I believe are shipped by default with enterprise, am I missing some?
Thanks community!

jaxjohnny2000 · ‎07-13-2020

Try this from the management console so it runs against all the servers.

| rest /services/apps/local search="disabled=0" count=0 splunk_server=*
| table title core
| search core=1

View solution in original post

jaxjohnny2000 · ‎07-13-2020

Try this from the management console so it runs against all the servers.

| rest /services/apps/local search="disabled=0" count=0 splunk_server=*
| table title core
| search core=1

richgalloway · ‎05-17-2019

Your list looks complete, but if you install a fresh instance of Splunk on a system (even your laptop) and then run ls /opt/splunk/etc/apps on the command line you will have the full list.

---
If this reply helps you, Karma would be appreciated.

sonny_monti · ‎05-17-2019

Thank you, this is what I did, i posted this just in case other splunkers are thinking about that.
Cheers!

Splunk enterprise default apps in etc apps

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases