Splunk Tech Talks
Deep-dives for technical practitioners.

What’s New & Next in Splunk SOAR

DayaSCanales
Splunk Employee


Security teams today are dealing with more alerts, more tools, and more pressure than ever. Join us for an inside look at the latest Splunk SOAR enhancements designed to make your security operations more efficient and effective. Discover how you can:

  • Create and customize playbooks faster
  • Integrate seamlessly with your existing SIEM
  • Accelerate every stage of your detection and response

Whether you’re already using SOAR or just curious about what’s possible, this session is packed with practical tips, live demos, and expert insights from Nick Hunter, Principal Product Marketing Manager, Cybersecurity at Splunk.

Be part of the conversation and see how the future of security automation is unfolding—On Demand now!

DayaSCanales
Splunk Employee

Here are a few top-of-mind questions from the live Tech Talk:

Q. If I have ES and SOAR, what version of ES and SOAR do I need to take advantage of the unified TDIR workflows across the two products?

A. 

  • ES 8.x
  • SOAR 6.3 and above


Q. Can you clarify, if I have ES and SOAR, do I need the ES Premier license for unified TDIR workflows?

A. No, but you will need to pair ES and SOAR and you can do that only for the combinations below:

  • ES Cloud & SOAR Cloud
  • ES CMP & SOAR CMP Standalone
  • ES Cloud & SOAR CMP Standalone (hybrid)

Those unified workflows however would not have things like Asset Risk Scoring or UEBA.


Q. What additional value would I actually get with ES Premier if I already have ES and SOAR today?

A. ES Premier product is Splunk’s most powerful and seamless AI-powered SecOps platform. By bringing together the next-generation of our SIEM, SOAR, and UEBA together in one seamless experience…we arm every analyst with full visibility, industry-leading tooling, and built-in automation for everyone in the SOC…to quickly identify and stop evolving threats.

