Splunk® Security Essentials

Release Notes

This documentation does not apply to the most recent version of Splunk® Security Essentials. For documentation on the most recent version, go to the latest release.

What's new in Splunk Security Essentials

The security content delivery endpoint for Splunk Enterprise Security Content Update (ESCU) has been updated to comply with Splunk guidance. If you are using Splunk Security Essentials version 3.7.1 or lower, the last supported ESCU version is 4.22.0. In order to get the latest ESCU version, upgrade Splunk Security Essentials to version 3.8.0. For more information, see What's new in 3.8.0.

This release of Splunk Security Essentials includes the following enhancements.

What's new in 3.5.0

| New Feature or Enhancement | Description |
| --- | --- |
| Snapshot feature renaming | The Snapshot feature has been renamed to Backup and Restore. |
| Updated Splunk Phantom references | Splunk Phantom references in Splunk Security Essentials now reflect the new name, Splunk SOAR. |
| MITRE ATT&CK Matrix improvements | Performance improvements for the MITRE ATT&CK Matrix. |
| Improvements to the datasource autodetect feature | When you manually add custom content or use the Content Introspection feature to add custom content, the correct data source is automatically attached to the custom content. |
| Data source updates | Added support for many data models in the latest 5.0.0 version of the Splunk Common Information Model (CIM) app. |
| Better support for Splunk Enterprise Security Annotations when adding Custom Content | When custom content is manually or automatically created, the annotations in Splunk Enterprise Security are automatically mapped to the corresponding fields in Splunk Security Essentials. The data source is also now automatically detected. |
| Python update | Splunk Security Essentials now only uses Python 3. |
| Content accessible without internet | The most updated content is now accessible in the app for those that do not have an active internet connection. |

Last modified on 26 March, 2024

This documentation applies to the following versions of Splunk® Security Essentials: 3.5.0

