September 2023 

Splunk SOAR Version 6.1.1 is Now Available

The latest version of Splunk SOAR launched on September 6th. Version 6.1.1 adds some new condition options to the Visual Playbook Editor and also provides users with the ability to convert classic playbooks into the current Visual Playbook Editor format through a new CLI conversion tool. Other updates include support for PostgreSQL version 15 for deployment and standalone, non-clustered environments can now run diagnostic commands and upload the resulting logs directly to Splunk Support. For more information, be sure to check out the latest release notes for the on-prem and cloud versions.

Splunk Enterprise Security 7.2 is Now Available

In our latest release of Splunk Enterprise Security 7.2, we introduce capabilities that deliver an improved workflow experience for simplified investigations; enhanced visibility and reduced manual workload; and customized investigation workflows for faster decision-making. You can find this version on Splunkbase! Release notes can be found here.

Splunk User Behavior Analytics (UBA) 5.3

The latest release of Splunk User Behavior Analytics (UBA) 5.3 introduces three new models and 20 Node XL cluster for extraordinary scale and scope. Read the release blog to learn more about UBA 5.3 and the blog for detecting Lateral Movement Using Splunk User Behavior Analytics

Splunk Threat Briefing: Newest Observed TTPs in the Wild 

Watch the on demand recording of the Splunk Threat Research Team showcasing the entire exploitation sequence of the latest remote access trojans (RATs), destructive payloads and post-exploitation techniques. The team also highlights related security content developed to enhance your defenses.

2023 Gartner Market Guide for SOAR 

If your team is looking to evaluate how security orchestration, automation and response (SOAR) can support and optimize your security operations, download a copy of the 2023 Gartner Market Guide for SOAR. 

New blogs to help you make the most of Splunk Security 

• Key Threat Hunting Deliverables with PEAK
• Integrated Intelligence Enrichment with Threat Intelligence Management  
• That Was Easy! Manage Lookup Files and Backups with the Splunk App for Lookup File Editing  

Security Content from the Splunk Threat Research Team
The Splunk Threat Research Team has had four releases of security content in the last month, which provide 24 new detections, 27 updated detections and 8 new analytic stories. Read the Product News & Announcements post to learn more.

Use Case Explorer

See and read about our completely updated Use Case Explorer content on Splunk Lantern!  You can find prescriptive guidance from Splunk that will guide you on your digital resilience journey from foundational visibility to optimized experiences.

Platform Updates

Flatten the SPL Learning Curve: Introducing Splunk AI Assistant for SPL

Learn more about the preview of Splunk’s generative AI offering! Read this blog to discover how the Splunk AI Assistant uses an AI-powered chat experience to help new users quickly get up to speed with SPL and advanced users unlock more out of Splunk by providing query suggestions, explanations, and detailed breakdowns.

Fastest Time-to-Value Anomaly Detection in Splunk: The Splunk App for Anomaly Detection 1.1.0

Brand new to ML and looking for an easy way to get started? Check out the Splunk App for Anomaly Detection to help you find anomalies in your dataset in just a few clicks! You can unlock the power of ML in your everyday workflows, while also simplifying tasks that are historically complex and time consuming. 

Looking for more AI and ML content? Check out the new AI and ML tab on the Essentials Board to kickstart your journey.

October 2023 Customer Advisory Boards

Sign up and join our October 2023 Customer Advisory Boards! You’ll get access to previews of new products and capabilities, interact with industry experts and provide feedback to influence the future of Splunk products. Use this link to sign up!

Contact us at advisoryprograms@splunk.com with any questions.

Tech Talks, Office Hours and Lantern

Tech Talks

Security Edition | There's No Place Like Chrome...and the Splunk Platform!
September 26 at 11 am PT

Platform Edition |  Introduction to Splunk AI September 27 at 11 am PT

Security Webinar

Build Scalable Security while Migrating to Cloud : Best Practices from Clayton Homes
Wednesday, October 11, 11 am PT - 12 pm PT

Community Office Hours

Interested in getting live help from technical Splunk experts? Join our upcoming Community Office Hour sessions, where you can ask questions and get guidance on all things OpenTelemetry, Risk-Based Alerting, and Enterprise Security. Limited Spots Available - Register Now!

• Observability: OpenTelemetry - Wed, Sep 27 at 1pm PT/4pm ET
• Security: Risk-Based Alerting (RBA) - Wed, Oct 11 at 1pm PT/4pm ET
• Security: Enterprise Security - Wed, Oct 25 at 1pm PT/4pm ET

Splunk Lantern 

Did You Know: Splunk Edge Processor common use cases

Use Splunk Edge Processor to accelerate your pre-ingest data transformation capabilities! Let Splunk Lantern walk you step-by-step through two common use cases to help you get started: masking IP addresses and routing designated events to specific indexes.

Education Corner

Cybersecurity Education is a Hot Topic 

If you’re in the U.S., you may have heard about the Biden administration’s National Cyber Workforce and Education Strategy announced on July 31, 2023. It’s kind of a big deal. One key objective is to address the shortage of cybersecurity professionals in the U.S., which leans heavily into enhancing cyber skills education. At Splunk, we've had our eyes on this for a while, which is why we continue to offer free cybersecurity and skills training – available and accessible anywhere, anytime. We have a curriculum of over 40 free self-paced courses – including our newest,  “The Cybersecurity Landscape” and “Security Operations and the Defense Analyst.” Plus, an entire catalog of self-paced training with labs and instructor-led courses. 

Splunk Education Spans the Globe

Have you ever wondered how you can access Splunk Education Training and Certification in your own region, in your own language, with local support? Well wonder no more! The Splunk Authorized Learning Partner (ALP) program is an extension of Splunk Education – offering you access to the quality of education you've come to expect from us. ALPs offer courses that dive into Cloud, Security, and Observability for administrators, architects, and users – in your language, timezone, and location. Find out more about our global learning partners today. 

Talk with us about Splunk!

The Splunk product design team wants to learn about how you use our products. If you’re interested in contributing, please fill out this quick questionnaire so we can reach out to you. This may take such forms as a survey, receiving an email to schedule an interview session, or some other type of research invitation. We look forward to hearing from you!

Until next month,

Happy Splunking