Splunk® Enterprise Security

Release Notes

This documentation does not apply to the most recent version of Splunk® Enterprise Security. For documentation on the most recent version, go to the latest release.

Release Notes for Splunk Enterprise Security

What's New

  • Version 4.1.3 of Splunk Enterprise Security adds support for Splunk platform version 6.5.x. This version of Splunk Enterprise Security requires Splunk software version 6.3.3 through 6.5.x. See Splunk Enterprise system requirements in the Installation and Upgrade Manual.
  • View UBA anomalies on a dedicated dashboard and as a swim lane on the Asset and Identity Investigator dashboards in Splunk Enterprise Security. Anomalies also contribute to asset and identity risk scores. See Analyze Splunk UBA threats and anomalies in Splunk ES in the User Manual
  • Facebook ThreatExchange is available as a new source for threat intelligence. See About the Splunk Add-on for Facebook ThreatExchange in Splunk Add-on for Facebook ThreatExchange.
  • View risk scores directly in Incident Review. See Incident Review in the User Manual.
  • Run a search from the investigation bar. See Investigation Bar in the User Manual.
  • Add attachments to your investigation timelines, view full search strings in the investigator journal, and easily add all investigators to a timeline. See Investigation Timelines in the User Manual.
  • A new use case on identifying zero-day attacks and adding threat indicators to Enterprise Security is available in the Use Cases Manual

Add-ons

Third-party software

  • This version of Splunk Enterprise Security no longer uses autolinker.js.
  • This version of Splunk Enterprise Security no longer uses marked.
Last modified on 24 September, 2018
  Fixed issues for Splunk Enterprise Security

This documentation applies to the following versions of Splunk® Enterprise Security: 4.1.3


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters