Splunk® Enterprise Security

Release Notes

The documentation for Splunk Enterprise Security versions 8.0 and higher has been rearchitected from previous versions, causing some links to have redirect errors. To resolve redirect errors, use the version selector on the ES documentation homepage to navigate between the versions.

Compatibility matrix

Splunk Enterprise Security version 8.0.x is not compatible with the Splunk app for PCI compliance. If your Splunk Enterprise Security installation relies on the PCI app, do not upgrade to Splunk Enterprise Security version 8.0.x.

Splunk Enterprise Security version 8.0.x is compatible with Splunk Enterprise (on-prem) version 9.2.0 and higher.

For more information on the compatibility of Splunk Enterprise Security with Splunk Platform, Splunk IT Service Intelligence (ITSI), and Splunk IT Essentials (ITE) Work, see Splunk products version compatibility matrix.

For information on the eligibility requirements for behavioral analytics service with Splunk Enterprise Security, see What do I need to run behavioral analytics service in the Use Splunk Enterprise Security Manual.

Behavioral analytics is a Cloud-only service.

Threat Intelligence Management (Cloud) compatibility and regional availability

Threat Intelligence Management (Cloud) is accessible from within Splunk Enterprise Security to provide intelligence support for users.

To access Threat Intelligence Management (Cloud) within Splunk Enterprise Security, you must:

  • Have a compatible licensed version of Splunk Enterprise Security
  • Reside in an available region

Compatibility

Threat Intelligence Management (Cloud) supports search head cluster (SHC) deployments of Splunk Enterprise Security (Cloud). See the following table for version compatibility with Threat Intelligence Management (Cloud):

| Splunk Enterprise Security deployment type | Compatible version of Splunk Enterprise Security |
|---|---|
| Cloud | 6.6 or higher |

Threat Intelligence Management (Cloud) is not available for use with Splunk Enterprise Security preview or limited release versions.

Available regions

| AWS region | Geographic area |
|---|---|
| us-east-1 | N. Virginia |
| us-west-2 | Oregon |
| ap-southeast-2 | Sydney |
| ap-northeast-1 | Tokyo |
| ap-southeast-1 | Singapore |
| ca-central-1 | Montréal |
| eu-central-1 | Frankfurt |
| eu-west-2 | London |
| eu-west-1 | Ireland |
| eu-west-3 | Paris |

If you meet the above criteria, Threat Intelligence Management (Cloud) is automatically included with Splunk Enterprise Security cloud deployments and can be set up by an admin. See Overview of threat intelligence in Splunk Enterprise Security in the Administer Splunk Enterprise Security manual.

Last modified on 14 May, 2025

This documentation applies to the following versions of Splunk® Enterprise Security: 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.31, 8.0.40

