Splunk Enterprise Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Inquiry Regarding Splunk AI Assistant

Alkern
New Member
Sunday

Our company is currently using Splunk Enterprise Security, and we would like to ask a question regarding available features

Since our company is already using Splunk Enterprise Security, are we eligible to use the Splunk AI Assistant feature under our current license or need cloud subscription?

I read from description provisioned by Splunk

  • License requirements: -Cloud customers: Require customers to have a compatible version of Splunk Cloud. -Enterprise customers: Require customers to have Splunk Enterprise License. The solution is connecting to a Splunk managed cloud instance that is provisioned by Splunk. It does not require Splunk Cloud.

My email to support@splunk.com never get responded, so i ask here.

Thanks.

Labels (1)
Labels
0 Karma
Reply

inventsekar
SplunkTrust
SplunkTrust
yesterday

Hi @Alkern 
i feel this page will answer all your questions: https://help.splunk.com/en/splunk-cloud-platform/search/splunk-ai-assistant/1.5.1/install-and-config...


from the FAQ page: https://www.splunk.com/en_us/products/splunk-ai-assistant-for-spl/faq.html

 

Who is entitled to access this service?

Splunk AI Assistant is available to both Splunk Cloud Platform and Splunk Enterprise customers.

 

For Splunk Cloud Platform (SCP) customers, Splunk AI Assistant is available in many AWS and Azure regions. The list expands regularly, and updated information is available in our list of Supported regions. See install Splunk AI Assistant for SPL for Splunk Cloud customers.

 

Splunk Enterprise customers can leverage our cloud connected option to connect to existing regions. Information is available in Install Splunk AI Assistant for SPL for Splunk Enterprise customers with Cloud Connected.


Can Splunk Enterprise customers, not Splunk Cloud, use Splunk AI Assistant?

Yes, as of version 1.3, Splunk Enterprise (on premises) customers can use the Splunk AI Assistant, but it requires a specific setup known as the Cloud Connected solution.

 

The Cloud Connected solution splits the workload to maintain data privacy while leveraging cloud-scale compute:

 

  • Local Data (On-Prem): Your raw logs, events, and sensitive data remain entirely within your on-premises environment.
  • Cloud Compute (Splunk Cloud): The "heavy lifting" of the AI—processing natural language and generating SPL—happens in a secure, multi-tenant AI service hosted by Splunk in the cloud.
  • The Bridge: Your on-premises Search Head sends a request (the user's prompt and relevant metadata) over a secure HTTPS connection (Port 443) to the Splunk AI service. The service returns the generated SPL or explanation back to your local instance.

 

The cloud connected solution runs Splunk-managed AI services in Splunk Cloud Platform while allowing on-premises environments to access them over a secure connection. Your data stays on-prem; only the AI requests and results travel to the cloud service. Any searches are still executed within the on-prem environment.


----------------------------------------------------------------------------------------------
If this post or any post addressed your question, could you pls:
Give it karma to show appreciation

PS - As of May 2026, my Karma Given is 2312 and my Karma Received is 497, lets revamp the Karma Culture!
Thanks and best regards, Sekar
--------------------------------------------------------------------------------------------

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Build the Future of Agentic AI: Join the Splunk Agentic Ops Hackathon

AI is changing how teams investigate incidents, detect threats, automate workflows, and build intelligent ...

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...