Splunk® App for PCI Compliance

Release Notes

This documentation does not apply to the most recent version of Splunk® App for PCI Compliance. For documentation on the most recent version, go to the latest release.

Release Notes for the Splunk App for PCI Compliance

  • The app includes a new correlation search to identify privileged users logging in without using multi-factor authentication. This correlation search helps you monitor compliance with requirement 8.3 of PCI DSS 3.2.
  • The app includes framework improvements from Splunk Enterprise Security:
    • Add threat intelligence using an adaptive response action.
    • Upload STIX, OpenIOC, and CSV-formatted threat intelligence files to Enterprise Security. See Configure threat intelligence sources.
    • Programmatically upload, create, read, update, or delete threat intelligence using the threat intelligence REST APIs. See Threat Intelligence API reference in Splunk Enterprise Security REST API Reference.
    • Better manage investigations into potential security incidents with more granular role-based access control for investigations and a new capability to view all investigations in your environment. See Create and track investigations in Splunk Enterprise Security and Manage security investigations in Splunk Enterprise Security.
    • More easily make changes to the organization of the Enterprise Security menu bar. See Customize the menu bar in Splunk Enterprise Security.
    • The load time and performance of the Vulnerability Operations, Vulnerability Center, Asset Center, Identity Center, Session Center, and Access Anomalies dashboards were improved.

Deprecated features

Starting with this release, the correlationsearches.conf file is no longer used to define correlation searches. Upgrade activity is required in some circumstances. See Correlation searches migration to savedsearches.conf.

Compatibility

This version of the Splunk App for PCI Compliance is compatible with the following versions of the Splunk platform and Splunk Enterprise Security. Install the Splunk App for PCI Compliance for Enterprise Security only with Splunk Enterprise Security. See Install prerequisites in the Installation and Upgrade Manual.

Splunk platform  | Splunk Enterprise Security
6.5.x and later  | 4.7.x and later

Support

Last modified on 19 December, 2017

This documentation applies to the following versions of Splunk® App for PCI Compliance: 3.4.0

