Hi Is there any feature or ability exist in "Splunk Enterprise" that does not exist in "Splunk Security"? Any cheat sheet or comparable list? Thanks
Hi @indeed_2000,
what do you mean with "Splunk Security"?
are you meaning "Splunk Enterprise Security"?
If yes, they are two different things:
Splunk Enterprise is the log management platform (very briefly!).
Splunk Enterprise Security is a Premium App (not free), that works on Splunk Enterprise (or Splunk Cloud), that gives the feature of a SIEM, and it's one of the best in this market section (Gartner, Forrester and others sources).
In other words, if you need a SIEM, you have to but both Splunk Enterprise and Splunk Enterprise Security.
Ciao.
Giuseppe
One more thing - you can have Splunk Enterprise Security on your on-premise Splunk Enterprise installation or in Splunk Cloud.