- Download and install Splunk
- Start it and log in
- Download app: https://github.com/prateepb/splunk-test-app/archive/master.tar.gz
- Menu: Apps → Manage Apps
- Install app from file
- Select downloaded .tar.gz file

Alternatively, clone this repo directly into $SPLUNK_HOME/etc/apps and restart Splunk.

Don’t forget to add a data input. Use source type "waratek_security".