Splunk® Enterprise Security

Installation and Upgrade Manual

This documentation does not apply to the most recent version of Splunk® Enterprise Security. For documentation on the most recent version, go to the latest release.

About the Splunk App for Enterprise Security

The Splunk App for Enterprise Security provides the security practitioner with visibility into security-relevant threats found in the enterprise infrastructure by capturing, monitoring, and reporting on data from enterprise security devices, systems, and applications. Through the use of Splunk Enterprise searching and reporting capabilities, the Enterprise Security app provides a top-down and bottom-up view of an organization's security posture.

The Splunk App for Enterprise Security leverages Splunk Enterprise search-time normalization techniques, saved searches, and correlation searches to provide visibility into security-relevant threats and activity and generate notable events for tracking. The Enterprise Security app will assist the security practitioner in investigating and exploring the data to find new or unknown threats that do not follow signature-based patterns.

The Installation and Configuration Manual covers planning, installing, and configuring the Splunk for Enterprise Security deployment. It also covers how to customize the app after installation. The upgrade topic discusses how to update to the latest version of the Splunk App for Enterprise Security.

This manual assumes the reader can install, configure, and administer Splunk Enterprise. If you need training on Splunk Enterprise and the Enterprise Security app, see Education Courses for Enterprise Security Customers for more information.

Other manuals for the Splunk App for Enterprise Security:

  • Release Notes: New and enhanced features, known issues, and bug fixes.
  • User Manual: Using the Splunk App for Enterprise Security.
Last modified on 02 July, 2014

This documentation applies to the following versions of Splunk® Enterprise Security: 3.1, 3.1.1, 3.2, 3.2.1, 3.2.2, 3.3.0, 3.3.1, 3.3.2, 3.3.3

