Product News & Announcements
All the latest news and announcements about Splunk products. Subscribe and never miss an update!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
New Article

Introducing Splunk Assist!

brittanyc
Splunk Employee
Splunk Employee
‎06-16-2022 09:00 AM

At .conf we'll unveil the general availability of Splunk Assist, a fully managed cloud service that provides deep insights into the security posture of Splunk Enterprise deployments. Assist continually helps Splunk admins get cloud-powered insights with the latest recommendations from Splunk Cloud. Assist is included as part of Splunk Enterprise version 9.0, making it feasible for Splunk admins to immediately access and act on recommendations. Since Assist is cloud-powered, customers will see new features and capabilities that continually get better over time.

Prior to Assist, Splunk administrators used to manually configure and monitor Splunk Enterprise deployments to ensure they remained updated and secured, whether running on-premises or in public cloud providers such as Amazon Web Services (AWS), Azure, and Google Cloud Platform. Splunk environments have many customizable settings. As the number of nodes in a Splunk deployment grows, it can get harder to keep track of security settings, app patches, and expiring transport layer security (TLS) certificates. Tasks like alerting on security vulnerabilities, hardening security configuration knobs, and staying up to date with security patches take time and resources away from higher valued-added tasks that are tied directly to business value for customers.

Assist will analyze your Splunk deployment and compare the settings in your deployments against best practice security configurations used to run optimized Splunk Cloud deployments. Assist constantly evaluates your security posture and alerts administrators with recommendations tailored to the specific needs of their business. Administrators can easily review and act on the recommendations, remaining in full control of their Splunk deployments. 

There are four simple steps to enabling Splunk Assist:

  1. Install or upgrade Splunk Enterprise to 9.0
  2. Enable “Support Usage Data”: Confirm Support Usage Data (SUD) is enabled
  3. Upgrade network settings: Open port 443 and allow outbound traffic to *.scs.splunk.com
  4. Activate Splunk Assist: Use a unique one-time activation code tied to your license to secure your data in the cloud

Questions or feedback? Contact the team at ssg-splunk-assist@splunk.com.

— Brittany Coppola, Product Marketing Manager

2 Comments
pc1
Path Finder
‎06-20-2022 11:22 AM

Is Splunk Assist free to use? 

0 Karma
VatsalJagani
SplunkTrust
SplunkTrust
‎06-20-2022 09:06 PM

@pc1 - Yes.

From Doc - https://docs.splunk.com/Documentation/Splunk/9.0.0/DMC/AssistIntro 

VatsalJagani_0-1655784359810.png

 

I hope this helps!!! Kindly upvote if it does!!!

 

Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...