###SPLUNK TECHNICAL ASSESSMENT GUIDE###

Prerequisites
-Splunk running on version 6.3 or later.
-The STA must be installed on a host with the Distributed Management Console (DMC) configured. Information regarding the DMC, including where and how to configure it can be found here: http://docs.splunk.com/Documentation/Splunk/latest/DMC/DMCoverview 
-In addition to the remote hosts being setup as distributed search peers as discussed in the aforementioned documentation, heavy forwarders should also be added.
-Globally export the DMC assets.csv lookup file.
-Supported on UNIX and Windows operating systems.

Application Install
To install the STA application find the latest version from box located here: <link to app> and place it on a machine that is accessible to the customer’s Splunk environment. Once downloaded, upload the STA package via Splunk web by selecting Apps -> Manage Apps -> Install app from file and select the application from the download location.

No restart or additional configuration is required within the STA application after uploading it to the Splunk environment but you will need to validate the scheduled searches identified in the “Knowledge Objects” section below are enabled and scheduled. By default, these searches will be enabled and run at installation.
