Upgrading Kaspersky CyberTrace integration (Splunk)

This section describes how to finish the integration of Kaspersky CyberTrace with Splunk after the upgrade of the Kaspersky CyberTrace files.

When upgrading the integration of Kaspersky CyberTrace with Splunk to the latest version, import the new version of Kaspersky CyberTrace App for Splunk to Splunk. During the import, select the option shown in the picture below.

splunk_upgrade_app

The application settings will be reset. The old settings will be saved in %SPLUNK_DIRECTORY%/etc/apps/Kaspersky-CyberTrace-App-for-Splunk/default.old.%CURRENT_DATE%, where %CURRENT_DATE% can be in the format yyyymmdd-hhmmss (for example, 20190725-161423). Kaspersky CyberTrace App for Splunk must be configured in its entirety, similarly to the way in which the old version was configured.

Page top