Splunk® Enterprise Security

Release Notes

Acrobat logo Download manual as PDF


This documentation does not apply to the most recent version of ES. Click here for the latest version.
Acrobat logo Download topic as PDF

Release Notes for Splunk Enterprise Security

What's New

  • Version 4.1.3 of Splunk Enterprise Security adds support for Splunk platform version 6.5.x. This version of Splunk Enterprise Security requires Splunk software version 6.3.3 through 6.5.x. See Splunk Enterprise system requirements in the Installation and Upgrade Manual.
  • View UBA anomalies on a dedicated dashboard and as a swim lane on the Asset and Identity Investigator dashboards in Splunk Enterprise Security. Anomalies also contribute to asset and identity risk scores. See Analyze Splunk UBA threats and anomalies in Splunk ES in the User Manual
  • Facebook ThreatExchange is available as a new source for threat intelligence. See About the Splunk Add-on for Facebook ThreatExchange in Splunk Add-on for Facebook ThreatExchange.
  • View risk scores directly in Incident Review. See Incident Review in the User Manual.
  • Run a search from the investigation bar. See Investigation Bar in the User Manual.
  • Add attachments to your investigation timelines, view full search strings in the investigator journal, and easily add all investigators to a timeline. See Investigation Timelines in the User Manual.
  • A new use case on identifying zero-day attacks and adding threat indicators to Enterprise Security is available in the Use Cases Manual

Add-ons

Third-party software

  • This version of Splunk Enterprise Security no longer uses autolinker.js.
  • This version of Splunk Enterprise Security no longer uses marked.
Last modified on 04 October, 2016
  NEXT
Fixed issues for Splunk Enterprise Security

This documentation applies to the following versions of Splunk® Enterprise Security: 4.1.3


Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters