Release Notes for the Splunk App for PCI Compliance
- The app includes a new correlation search to identify privileged users logging in without using multi-factor authentication. This correlation search helps you monitor compliance with requirement 8.3 of PCI DSS 3.2.
- The app includes framework improvements from Splunk Enterprise Security:
- Add threat intelligence using an adaptive response action.
- Upload STIX, OpenIOC, and CSV-formatted threat intelligence files to Enterprise Security. See Configure threat intelligence sources.
- Programmatically upload, create, read, update, or delete threat intelligence using the threat intelligence REST APIs. See Threat Intelligence API reference in Splunk Enterprise Security REST API Reference.
- Better manage investigations into potential security incidents with more granular role-based access control for investigations and a new capability to view all investigations in your environment. See Create and track investigations in Splunk Enterprise Security and Manage security investigations in Splunk Enterprise Security.
- More easily make changes to the organization of the Enterprise Security menu bar. See Customize the menu bar in Splunk Enterprise Security.
- The load time and performance of the Vulnerability Operations, Vulnerability Center, Asset Center, Identity Center, Session Center, Vulnerability Operations, and Access Anomalies dashboards were improved.
Starting with this release, the
correlationsearches.conf file is no longer used to define correlation searches. Upgrade activity is required in some circumstances. See Correlation searches migration to savedsearches.conf.
This version of the Splunk App for PCI Compliance is compatible with the following versions of the Splunk platform and Splunk Enterprise Security. Only install the Splunk App for PCI Compliance for Enterprise Security with Splunk Enterprise Security. See Install prerequisites in the Installation and Upgrade Manual.
|Splunk platform||Splunk Enterprise Security|
|6.5.x and later||4.7.x and later|
- Visit Splunk Answers to ask questions of the Splunk community.
- Access the #splunk IRC channel on EFnet.
- For assistance with an issue, file a case using the Splunk Support Portal.
- For assistance installing, upgrading, or scaling a Splunk App for PCI Compliance deployment, contact the Splunk Professional Services team.
Splunk App for PCI Compliance Fixed issues
This documentation applies to the following versions of Splunk® App for PCI Compliance: 3.4.0