Community Blog
Get the latest updates on the Splunk Community, including member experiences, product education, events, and more!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
New Article

Keep Your Apps in Splunk Enterprise Up-to-Date & Secure With App Assist

adepp
Splunk Employee
Splunk Employee
‎12-29-2022 06:00 AM

This blog post is part 4 of 4 in a series on Splunk Assist. Click the links below to see the other blog posts.

In this blog post, we’ll dive into one of the features within Splunk Assist, called App Assist.

First, What is Splunk Assist? 

(in case you missed it)

Splunk Assist is a free, cloud-connected service for Splunk Enterprise. Assist inspects your deployment for security risks, and using telemetry data sent to Splunk Cloud, provides cloud-powered insights and recommendations. 

It improves your security posture by helping identify unpatched applications, expiring TLS certificates, and insecure configuration settings. With Splunk Assist you’ll be given recommendations that you can act on immediately to make your deployment even more secure. Based on our initial estimates, the insights and recommendations in Assist may also help reduce admins’ efforts spent on platform management tasks by 25%.

What is App Assist?

App Assist helps to keep your apps up-to-date and secure. Have you ever installed an app on your Splunk deployment, stopped using it, and as a result never upgraded? This happens to over 50% of our self-managed customers. 

App Assist inventories and highlights older versions of your Splunkbase apps running on your search heads that might be missing critical security patches in newer versions. It lists a ranked order of currently deployed apps and add-ons (from Splunkbase) based on version gap and nodes they’re installed on. App Assist displays the list of the apps that need to be updated and instructions to download the latest version.

adepp_0-1671572819815.png

In the screenshot above we see a returned list of apps that ought to be updated or disabled for optimal deployment security.

Additional Resources:

Questions or feedback? Contact the team at ssg-splunk-assist@splunk.com

— Baylie Depp, Product Marketing Manager

0 Karma
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...