Splunk® Security Essentials

Release Notes


What's new in Splunk Security Essentials

This release of Splunk Security Essentials includes the following enhancements.

What's new in 3.7.0

| New Feature or Enhancement | Description |
| --- | --- |
| Map custom threat intelligence streams to the MITRE ATT&CK Framework dashboard | Map custom threat intelligence streams to the MITRE ATT&CK Framework dashboard to visualize your custom threat content. See Map custom threat intelligence streams to the MITRE ATT&CK Framework dashboard in the Use Splunk Security Essentials manual. |
| Renamed and reorganized Splunk Security Essentials menu items | Renamed the Security Content tab to Content and Content Introspection to Content Mapping, and updated where some dashboards appear in the menus. |
| Replaced words on the data availability dashboard | Replaced "Good" and "Bad" in the Data Availability column with "Available" and "Unavailable". |
| Updated the Add Products modal in data inventory | Updated the Add Products modal in data inventory so that you can add products if automated introspection found products for the data type. If no products are found, you can mark that you have no data present. See Configure the products you have in your environment with the Data Inventory dashboard in the Use Splunk Security Essentials manual. |
| Improved the Content page load time | The Content page now loads up to three times faster. |
| Search for content when content mapping | Added a search box to search for content when content mapping. See Track active content in Splunk Security Essentials using Content Mapping in the Use Splunk Security Essentials manual. |
| Added metrics to the Overview dashboard | Added metrics to see the amount of content enabled or disabled by data source and the amount of content enabled or disabled by originating app. |
| Added uberAgent ESA data to data inventory | You can now search for uberAgent data sources and sourcetypes in Splunk Security Essentials. |
| MITRE ATT&CK parsing, lookups, and auto update | Added parsing and lookups for MITRE ATT&CK Data Source and Detection. MITRE ATT&CK details are now automatically updated. |
| Added more information to ES integration tab in System Configuration | Added more instructions on how to integrate with Splunk Enterprise Security. |

Last modified on 08 December, 2022

This documentation applies to the following versions of Splunk® Security Essentials: 3.7.0

