This blog post is part 1 of 4 in a series on Splunk Assist. Click the links below to see the other blog posts.
Are you worried about whether your deployment is secure? Are you tired of keeping track of all security vulnerabilities? What about making sure that your hundreds of certificates are not expired?
You’re not alone!
Splunk Assist is a free, fully-managed service that brings the power of Splunk Cloud management insights to Splunk Enterprise deployments - putting your telemetry data to work!
Splunk Assist provides you with a single place to continuously monitor your deployment and take actions on recommendations to improve your security posture.
Admins receive cloud-powered recommendations to change configurations and make necessary updates to Splunkbase apps to enhance security. It helps you identify unpatched applications, expiring TLS certificates, and insecure configuration settings.
Based on our initial estimates, the insights and recommendations in Assist may help reduce admins’ efforts spent on platform management tasks by 25%. This time back will allow admins to spend more time on extracting value out of Splunk.
In this screenshot we see an overview of the Splunk Assist dashboard which you can find by navigating to the Monitoring Console.
Splunk Assist operates as part of the Monitoring Console. It comes with Splunk Enterprise version 9.0 and higher, and you do not have to download or install anything to use it.
There are four easy steps to enable Assist for your deployment (see How to configure Splunk Assist for more details):
Additional Resources:
Questions or feedback? Contact the team at ssg-splunk-assist@splunk.com.
— Baylie Depp, Product Marketing Manager
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.