Splunk® Enterprise Security

Release Notes

This documentation does not apply to the most recent version of Splunk® Enterprise Security. For documentation on the most recent version, go to the latest release.

This topic contains information on new features, updates, and known issues released with the Splunk App for Enterprise Security.

What's New

  • Splunk App for Stream integration: Facilitates packet data capture into the Enterprise Security app workflows. See "Splunk App for Stream Integration" in the Enterprise Security Installation and Configuration Manual.
  • Protocol intelligence for wire data: A collection of new dashboards, correlation searches, key security indicators, and swimlanes that report on the information collected from common network protocols. See "Protocol Intelligence dashboards" in the Enterprise Security User Manual.
  • Dynamic Thresholds and Context Awareness: A new set of search commands for creating and maintaining dynamic thresholds, and for reporting using common language labels. A set of new and existing correlation searches and key security indicators leverages this new search capability. See "Extreme Search" in the Enterprise Security User Manual.

Add-ons

  • The latest version of the Splunk Common Information Model app is shipped with the Enterprise Security app. It is also available on Splunk Apps.
Last modified on 17 November, 2014

This documentation applies to the following versions of Splunk® Enterprise Security: 3.2

