Splunk® Security Essentials

Install and Configure Splunk Security Essentials



This documentation does not apply to the most recent version of Splunk® Security Essentials. For documentation on the most recent version, go to the latest release.

Configure Splunk Security Essentials

After you install Splunk Security Essentials, complete these tasks to ensure that Splunk Security Essentials works as intended.

Checklist of tasks to configure Splunk Security Essentials

Complete the following tasks in the order they are listed to configure Splunk Security Essentials.

| Step number | Task | Description | Documentation |
|---|---|---|---|
| 1 | Map data sources using Data Inventory Introspection. | Map data sources in Splunk Security Essentials using Data Inventory Introspection so that Splunk Security Essentials can assess your available data. | See Configure the products you have in your environment with the Data Inventory dashboard in Use Splunk Security Essentials. |
| 2 | Run Content Introspection. | Run Content Introspection to find content that you have already created such as searches or alerts and either map that content in Splunk Security Essentials, or define new content. Content Introspection also needs to be configured before you can use the MITRE ATT&CK dashboard. | See Track active content in Splunk Security Essentials using Content Introspection in Use Splunk Security Essentials. |
| 3 | Use the Data Source Check dashboard to verify if data sources exist for examples. | In Splunk Security Essentials, every example has defined prerequisites to help you know if a search works in your environment. You can verify if the data sources exist for examples using the Data Source Check dashboard. | See Check data sources with the Data Source Check dashboard in Use Splunk Security Essentials. |

Last modified on 28 September, 2021

This documentation applies to the following versions of Splunk® Security Essentials: 3.3.0, 3.3.1, 3.3.2, 3.3.3, 3.3.4

