About Splunk Enterprise Security
Splunk Enterprise Security uses the Splunk platform's searching and reporting capabilities to provide the security practitioner with an overall view of their organization's security posture. Enterprise Security uses correlation searches to provide visibility into security-relevant threats and generate notable events for tracking identified threats. You can capture, monitor, and report on data from devices, systems, and applications across your environment.
This manual is written for a user capable of installing, configuring, and administering Splunk software. If you need training on the Splunk platform and Enterprise Security, see Education Courses for Enterprise Security Customers.
Other manuals for Splunk Enterprise Security:
- Release Notes: New and enhanced features, known issues, and bug fixes.
- User manual: Using and configuring Splunk Enterprise Security.
- Use Cases manual: User scenarios for finding security incidents using Splunk Enterprise Security
Deployment planning |
This documentation applies to the following versions of Splunk® Enterprise Security: 4.1.0, 4.1.1, 4.1.2, 4.1.3, 4.1.4, 4.2.0 Cloud only, 4.2.1 Cloud only, 4.2.2 Cloud only, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.6.0 Cloud only
Feedback submitted, thanks!