Splunk® Enterprise Security

Splunk Enterprise Security provides prebuilt content and searches to help focus security analysts on answering root-cause questions in real-time about malicious and anomalous events in the IT infrastructure.

Release Notes
Information on the new features and functionality in this release of Splunk Enterprise Security.

Installation and Upgrade Manual
A guide to installing and upgrading Splunk Enterprise Security.

User Manual
A guide to the dashboards, searches, and other features of Splunk Enterprise Security.

Use Cases
A collection of use cases for Splunk Enterprise Security

Splunk Enterprise Security Tutorials
Get started creating correlation searches in Splunk Enterprise Security.

REST API Reference
Reference information about the Splunk Enterprise Security REST API.

Included Products

Splunk® Add-on for Facebook ThreatExchange
The Splunk Add-on for Facebook ThreatExchange allows Splunk Enterprise Security users to leverage intelligence from Facebook ThreatExchange within the ES Threat Intelligence framework to populate the existing Threat Activity and Threat Artifact views.