Splunk® Enterprise Security

Use Splunk Enterprise Security

Download manual as PDF

Download topic as PDF

About Splunk Enterprise Security

Splunk Enterprise Security provides the security practitioner with visibility into security-relevant threats found in today's enterprise infrastructure. Splunk Enterprise Security is built on the Splunk operational intelligence platform and uses the search and correlation capabilities, allowing users to capture, monitor, and report on data from security devices, systems, and applications. As issues are identified, security analysts can quickly investigate and resolve the security threats across the access, endpoint, and network protection domains.

Access Splunk Enterprise Security

  1. Open a web browser and navigate to Splunk Web.
  2. Log in with your username and password.
  3. From the Apps list, click Enterprise Security.

Get started

Get started with common analyst workflows in Splunk Enterprise Security.


If you are a Splunk Enterprise Security administrator, see Administer Splunk Enterprise Security to access documentation specific to your administrator workflows.

  NEXT
Overview of Incident Review in Splunk Enterprise Security

This documentation applies to the following versions of Splunk® Enterprise Security: 4.7.0, 4.7.1, 4.7.2, 4.7.3, 4.7.4, 4.7.5, 4.7.6, 5.0.0, 5.0.1, 5.1.0, 5.1.1, 5.2.0, 5.2.1, 5.2.2, 5.3.0, 5.3.1


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters