Splunk Enterprise Security

What is the difference between Splunk Enterprise & Splunk Enterprise Security and which one shall I implement in my 24/7/365 monitoring SOC?

Explorer

Hi all,

Can anyone let me know the difference between Splunk Enterprise & Splunk Enterprise Security? Are they both the same?

If so both are different in case, what exactly the functions of each & which one shall I implement in my 24/7/365 monitoring SOC?

Thanks,

Ramu.R

0 Karma
1 Solution

Champion

Splunk enterprise is platform and splunk enterprise security is licensed application sits on top of splunk. For using enterprise security you need to install splunk first and then import the application.

View solution in original post

0 Karma

New Member

Splunk enterprise is the is the platfrom which u have to install in order to install the security enterpricse on top of it ......!!!!!! or else we can just say like its an app from Splunk enterprise wch can be installed for the security purposes which is the paid version always ....!!!!!

0 Karma

Motivator

Hey@mailmetoramu,

Splunk Enterprise Security is a paid app which is installed on Splunk Enterprise.For implementation purpose you need to contact Splunk with your exact requirement for further guidance.
Refer this link:
https://splunkbase.splunk.com/app/263/
https://www.splunk.com/en_us/products/premium-solutions/splunk-enterprise-security/features.html

Let me know if this helps!!

0 Karma

New Member

Hi, can you drop me a download link for the Enterprise security app?
I have the enterprise license.......just wanna try it out.
email is emuganhwa@gmail.com

0 Karma

Explorer

Already i bought a paid app, so the validity & license of my splunk enterprise will be as same as splunk Enterprise security ??

0 Karma

Motivator

Splunk Enterprise Security app license has to be purchased seperately along with Splunk Enterprise and the validity and license you can check in your licensing section on Splunk.

0 Karma

Explorer

Deepashri,

1) Splunk Enterprise - No Enforcement (6.5+)

2) Splunk Enterprise

In above, First one is splunk enterprise 6.5 & second is splunk enterprise security, right ??

0 Karma

Champion

oops!! sorry no, First one is special key comes with splunk (you can read further overhttps://docs.splunk.com/Documentation/Splunk/latest/Admin/TypesofSplunklicenses#No-enforcement_license ) and second is free license.

0 Karma

Explorer

So i can download the free version of splunk enterprise 6.5+ versions only ??

0 Karma

Champion

Yes, and if you want to buy license for both contact splunk sales or support

0 Karma

Explorer

Great, Thank You ..!!

0 Karma

Champion

If splunk license expires, It will stop searching that means the app UI is not working. Please contact splunk support or splunk sales, they will guide you with implementation.

0 Karma

Champion

Splunk enterprise is platform and splunk enterprise security is licensed application sits on top of splunk. For using enterprise security you need to install splunk first and then import the application.

View solution in original post

0 Karma

Explorer

So you mean to say, first i should install splunk enterprise in my laptop, get the GUI first.

Then install the splunk enterprise security app from the GUI ??

0 Karma

Champion

Yes. You can install splunk with free license on your laptop. But for Enterprise security application is a paid application which only works with enterprise license . If required you can contact splunk support.

0 Karma

Explorer

Thats ok, the free version is only for 60 days but i bought splunk enterprise security which is licensed one.

So what will happen to my paid app once my trial period of splunk enterprise expires ??

0 Karma

Splunk Employee
Splunk Employee

I hope youre not running your 24x7 SOC off your laptop.

If you have a enablement license, as in you have purchased Splunk Enterprise and Enterprise Security, you will need to install the provided license files (that your sales representative sends to you) on your License Master Instance.

Your best place to start is at the documentation for Enterpise Security. Read from here : https://docs.splunk.com/Documentation/ES/5.0.0/Install/InstallEnterpriseSecurity

0 Karma
Don’t Miss Global Splunk
User Groups Week!

Free LIVE events worldwide 2/8-2/12
Connect, learn, and collect rad prizes
and swag!