Product News & Announcements
All the latest news and announcements about Splunk products. Subscribe and never miss an update!

Introducing Splunk Assist!

brittanyc
Splunk Employee
Splunk Employee

At .conf we'll unveil the general availability of Splunk Assist, a fully managed cloud service that provides deep insights into the security posture of Splunk Enterprise deployments. Assist continually helps Splunk admins get cloud-powered insights with the latest recommendations from Splunk Cloud. Assist is included as part of Splunk Enterprise version 9.0, making it feasible for Splunk admins to immediately access and act on recommendations. Since Assist is cloud-powered, customers will see new features and capabilities that continually get better over time.

Prior to Assist, Splunk administrators used to manually configure and monitor Splunk Enterprise deployments to ensure they remained updated and secured, whether running on-premises or in public cloud providers such as Amazon Web Services (AWS), Azure, and Google Cloud Platform. Splunk environments have many customizable settings. As the number of nodes in a Splunk deployment grows, it can get harder to keep track of security settings, app patches, and expiring transport layer security (TLS) certificates. Tasks like alerting on security vulnerabilities, hardening security configuration knobs, and staying up to date with security patches take time and resources away from higher valued-added tasks that are tied directly to business value for customers.

Assist will analyze your Splunk deployment and compare the settings in your deployments against best practice security configurations used to run optimized Splunk Cloud deployments. Assist constantly evaluates your security posture and alerts administrators with recommendations tailored to the specific needs of their business. Administrators can easily review and act on the recommendations, remaining in full control of their Splunk deployments. 

There are four simple steps to enabling Splunk Assist:

  1. Install or upgrade Splunk Enterprise to 9.0
  2. Enable “Support Usage Data”: Confirm Support Usage Data (SUD) is enabled
  3. Upgrade network settings: Open port 443 and allow outbound traffic to *.scs.splunk.com
  4. Activate Splunk Assist: Use a unique one-time activation code tied to your license to secure your data in the cloud

Questions or feedback? Contact the team at ssg-splunk-assist@splunk.com.

— Brittany Coppola, Product Marketing Manager

Get Updates on the Splunk Community!

Improve Your Security Posture

Watch NowImprove Your Security PostureCustomers are at the center of everything we do at Splunk and security ...

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...