Consider this your go-to resource for everything happening in the world of Splunk Data Management!

Looking to search and analyze years of Amazon S3 security data without ingesting or indexing it first? Splunk Cloud’s Federated Search for Amazon S3 gives you instant access to your historical data in Amazon S3. And now, you can try it for free with our new trial license.

The upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform 10.2.x will introduce support for the Python 3.13 interpreter. This update allows customers to run their Splunk apps and technology add-ons (TAs) on the latest Python version, providing an opportunity to modernize apps and leverage Python 3.13’s improvements.

A Security Conversation That Needed to Happen 

For years, many of us in the Splunk community have relied on transport layer security (TLS) to secure traffic between Splunk components—forwarders, indexers, search heads, and more. TLS did the job: encrypt traffic, authenticate the server, and move on. But as the world shifted—toward a Zero Trust framework, tighter compliance, and more aggressive cyber threats—the age-old question resurfaced: "How do I really know who’s on the other end of that connection?" 

Enter Mutual TLS (mTLS). In a world where verifying the server alone isn't enough, mTLS takes things up a notch. It requires both the server and the client to prove their identity. Think of it as cryptographically enforced mutual trust. 

The past few weeks have brought significant and exciting developments for the Splunk community! We've seen major advancements, exciting new features, and a wealth of knowledge shared. As we continue our "Strengthen Your Future" series, it’s the perfect time to reflect on some of the most impactful announcements and resources that are shaping the Splunk Platform.

Discover the AI assistant usage dashboard in Cloud Monitoring Console and how Splunk Admins can use it to optimize their AI usage within Splunk.

Splunk developers, prepare for a game-changing update! The new Splunkbase App Listing Management public preview is here, streamlining your app submission experience. Enjoy powerful features like draft listings, a massive 2GB package limit, enhanced developer profiles, and a lightning-fast, automated AppInspect process that cuts review times from days to minutes. This is designed to supercharge innovation and ensure top-quality apps for all Splunk users.

In our first installment of this blog series, we introduced the exciting compliance and security enhancements coming to the next Splunk platform version, Splunk Enterprise 10.0 and Splunk Cloud Platform 10.0. Use this series as your go-to resource for key updates, benefits, and preparations for Splunk administrators and developers alike. Today, we continue the journey by diving into upgrade readiness and additional potentially breaking changes, equipping you with the insights you need for a seamless transition.

Ensure your Splunk apps are ready for the future! Splunk Enterprise 10 is here, don't let your users be left behind – upgrade your app today to work towards a seamless transition.

The new and improved Performance Insights for Splunk, a tool for your infrastructure performance monitoring tool belt, gives a correlated view across usage patterns, resources, and system elements, allowing you to optimize your system and ensure you are getting the best value from it.

This article describes when the Splunk App for Anomaly Detection will go End of Life, including steps to be taken if you are using the app today.

We’re excited to announce the launch of a foundational enhancement to Splunkbase: App Tiering.

Now you can filter apps by author type—Splunk, Cisco, Partners, or Community—making it faster to find trusted solutions that fit your needs.

We at Splunk are excited to kick off a new series of blogs dedicated to helping you understand the compliance landscape and new feature opportunities in the next platform upgrade for Splunk Enterprise and Splunk Cloud Platform. Each edition will provide essential updates for Splunk administrators and application developers, focusing on key benefits and modernizations. Think of this series as a one-stop-shop and look back on new announcements and required actions to prepare your environment and applications for the next upgrade. 

You asked, and we delivered! SPL just got easier with the latest release of the Splunk AI Assistant for SPL app 1.1.0, offering general availability of a new personalization feature. The AI Assistant now understands your environment, generating more accurate SPL from natural language prompts. Check out what’s new in v1.1.0 and learn how to get started today.

In March, the Splunk Threat Research Team had two releases of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

Celebrate the beta launch of the Splunk Developer Program by joining the Splunk Build-a-thon! Explore the four exciting tracks: App Development, Add-on Integration, Data Management, and AI/ML. Build innovative solutions using Splunk’s developer tools and compete for prizes including .conf25 passes, Splunk EDU credits, and Cisco Store gift cards

Ready to unlock the power of AI in Splunk? The AI Adoption Hub was built for practitioners who want to learn about and get started with AI at Splunk. It’s packed with expert-curated resources and insights to help you harness AI’s power to improve digital resilience. Check it out!

Check out the latest and greatest from Splunk Observability Cloud - from APM to log enhancements, we've released new features and capabilities to help you find and fix issues faster in your environment

Explore what's new in Splunk Cloud Platform 9.3.2411. Learn how this latest release continues to boost resilience, expand visibility, and maximize data value.

Effective June 5, 2025,  Splunk will change the default regex library from RE2 to PCRE2 for Edge Processor and Ingest Processor. Leverage the migration path to test existing pipelines today.

Bringing you an awesome opportunity to take your data management and SPL2 skills to the next level! Join us for a 3-part technical workshop series happening from February-March. Harness the power of SPL2 to transform and route data with Edge Processor and Ingest Processor. Then, learn how to leverage SPL2 to build apps that extend the capabilities of the Splunk platform.

In January, the Splunk Threat Research Team had one release of new security content via the Splunk ES Content Update (ESCU) app. In addition to new security content, this release introduces ESCU 5.0, which delivers several new exciting enhancements designed to help further security operations. Check out this post for more details!

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk Enterprise Security, Splunk SOAR, and Splunk Attack Analyzer. We know just how eager the community has been to see these integrations come to fruition, so we’re thrilled to share that all of the integrations are live for Splunk Security (cloud) customers.

This blog post aims to give Splunk customers (both Splunk Enterprise and Splunk Cloud) a heads-up about the actions they’ll need to take to prepare for upgrading to a Splunk version(coming soon) that will upgrade its core cryptographic library from OpenSSL 1.0.2 to OpenSSL 3. Splunk may additionally produce an Upgrade Readiness experience that will assist customers in identifying specific action items they need to take, but we don’t want to wait for such tooling to become available to start taking action.

In December, the Splunk Threat Research Team had one release of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

In November, the Splunk Threat Research Team had one release of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

As of Splunk Cloud Platform 9.3.2408 and Splunk Enterprise 9.4, Classic dashboard export features are now deprecated. Use Dashboard Studio for dashboard exports going forward. Check out this Lantern article to learn more.

The latest enhancements across the Splunk Observability portfolio deliver greater flexibility, better data and cost controls, cross-portfolio integrations, and more intuitive workflows to streamline troubleshooting across any environment and help ITOps and Engineering teams strengthen their observability practice to build digital resilience.

In October, the Splunk Threat Research Team had one release of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

In September, the Splunk Threat Research Team had 2 releases of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!