At .conf we'll unveil the general availability of Splunk Assist, a fully managed cloud service that provides deep insights into the security posture of Splunk Enterprise deployments. Assist continually helps Splunk admins get cloud-powered insights with the latest recommendations from Splunk Cloud. Assist is included as part of Splunk Enterprise version 9.0, making it feasible for Splunk admins to immediately access and act on recommendations. Since Assist is cloud-powered, customers will see new features and capabilities that continually get better over time.
Prior to Assist, Splunk administrators used to manually configure and monitor Splunk Enterprise deployments to ensure they remained updated and secured, whether running on-premises or in public cloud providers such as Amazon Web Services (AWS), Azure, and Google Cloud Platform. Splunk environments have many customizable settings. As the number of nodes in a Splunk deployment grows, it can get harder to keep track of security settings, app patches, and expiring transport layer security (TLS) certificates. Tasks like alerting on security vulnerabilities, hardening security configuration knobs, and staying up to date with security patches take time and resources away from higher valued-added tasks that are tied directly to business value for customers.
Assist will analyze your Splunk deployment and compare the settings in your deployments against best practice security configurations used to run optimized Splunk Cloud deployments. Assist constantly evaluates your security posture and alerts administrators with recommendations tailored to the specific needs of their business. Administrators can easily review and act on the recommendations, remaining in full control of their Splunk deployments.
There are four simple steps to enabling Splunk Assist:
Install or upgrade Splunk Enterprise to 9.0
Enable “Support Usage Data”: Confirm Support Usage Data (SUD) is enabled
Upgrade network settings: Open port 443 and allow outbound traffic to *.scs.splunk.com
Activate Splunk Assist: Use a unique one-time activation code tied to your license to secure your data in the cloud
Questions or feedback? Contact the team at firstname.lastname@example.org.
— Brittany Coppola, Product Marketing Manager
... View more