Hi all,
Can anyone let me know the difference between Splunk Enterprise & Splunk Enterprise Security? Are they both the same?
If so both are different in case, what exactly the functions of each & which one shall I implement in my 24/7/365 monitoring SOC?
Thanks,
Ramu.R
Splunk enterprise is platform and splunk enterprise security is licensed application sits on top of splunk. For using enterprise security you need to install splunk first and then import the application.
Splunk enterprise is the is the platfrom which u have to install in order to install the security enterpricse on top of it ......!!!!!! or else we can just say like its an app from Splunk enterprise wch can be installed for the security purposes which is the paid version always ....!!!!!
Hey@mailmetoramu,
Splunk Enterprise Security is a paid app which is installed on Splunk Enterprise.For implementation purpose you need to contact Splunk with your exact requirement for further guidance.
Refer this link:
https://splunkbase.splunk.com/app/263/
https://www.splunk.com/en_us/products/premium-solutions/splunk-enterprise-security/features.html
Let me know if this helps!!
Hi, can you drop me a download link for the Enterprise security app?
I have the enterprise license.......just wanna try it out.
email is emuganhwa@gmail.com
Already i bought a paid app, so the validity & license of my splunk enterprise will be as same as splunk Enterprise security ??
Splunk Enterprise Security app license has to be purchased seperately along with Splunk Enterprise and the validity and license you can check in your licensing section on Splunk.
Deepashri,
1) Splunk Enterprise - No Enforcement (6.5+)
2) Splunk Enterprise
In above, First one is splunk enterprise 6.5 & second is splunk enterprise security, right ??
oops!! sorry no, First one is special key comes with splunk (you can read further overhttps://docs.splunk.com/Documentation/Splunk/latest/Admin/TypesofSplunklicenses#No-enforcement_license ) and second is free license.
So i can download the free version of splunk enterprise 6.5+ versions only ??
Yes, and if you want to buy license for both contact splunk sales or support
Great, Thank You ..!!
If splunk license expires, It will stop searching that means the app UI is not working. Please contact splunk support or splunk sales, they will guide you with implementation.
Splunk enterprise is platform and splunk enterprise security is licensed application sits on top of splunk. For using enterprise security you need to install splunk first and then import the application.
So you mean to say, first i should install splunk enterprise in my laptop, get the GUI first.
Then install the splunk enterprise security app from the GUI ??
Yes. You can install splunk with free license on your laptop. But for Enterprise security application is a paid application which only works with enterprise license . If required you can contact splunk support.
Thats ok, the free version is only for 60 days but i bought splunk enterprise security which is licensed one.
So what will happen to my paid app once my trial period of splunk enterprise expires ??
I hope youre not running your 24x7 SOC off your laptop.
If you have a enablement license, as in you have purchased Splunk Enterprise and Enterprise Security, you will need to install the provided license files (that your sales representative sends to you) on your License Master Instance.
Your best place to start is at the documentation for Enterpise Security. Read from here : https://docs.splunk.com/Documentation/ES/5.0.0/Install/InstallEnterpriseSecurity