This blog post aims to give Splunk customers (both Splunk Enterprise and Splunk Cloud) a heads-up about the actions they’ll need to take to prepare for upgrading to a Splunk version(coming soon) that will upgrade its core cryptographic library from OpenSSL 1.0.2 to OpenSSL 3. Splunk may additionally produce an Upgrade Readiness experience that will assist customers in identifying specific action items they need to take, but we don’t want to wait for such tooling to become available to start taking action.

In December, the Splunk Threat Research Team had one release of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

Correct detection engineering is crucial to make sure your Splunk Enterprise Security instance is giving you full visibility on the threat events happening in your network. 

Some times we will find ourselves troubleshooting on why a detections wasn't triggered. Here is the first of a series of blogs talking about my own experience. 

Hey Splunky People!

Splunk Enterprise 9.4 is here, packed with game-changing features to enhance visibility, streamline investigations, and optimize response times. Explore updates like the enhanced Deployment Server, Dashboard Studio improvements, and the SPL2 public beta for custom app flexibility.

Ready to discover the tools to drive your digital resilience? Read on to learn more. 

In November, the Splunk Threat Research Team had one release of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

As of Splunk Cloud Platform 9.3.2408 and Splunk Enterprise 9.4, Classic dashboard export features are now deprecated. Use Dashboard Studio for dashboard exports going forward. Check out this Lantern article to learn more.

The latest enhancements across the Splunk Observability portfolio deliver greater flexibility, better data and cost controls, cross-portfolio integrations, and more intuitive workflows to streamline troubleshooting across any environment and help ITOps and Engineering teams strengthen their observability practice to build digital resilience.

Admin and Power users now have a new and improved Token Management interface, with Long-Lived tokens, and improved token visibility and rotation, all within a new design aligned with Splunk Cloud.

In October, the Splunk Threat Research Team had one release of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

Learn more about upcoming changes in Splunk Observability Cloud's design that will help bring AppDynamics and Splunk closer with a more modern look and feel! 

We are excited to announce several exciting updates for Edge Processor aimed at hardening overall product resiliency and support for additional data sources! Read more about data export queuing resilience, Edge Processor receiver acknowledgement from HEC sources, AWS Data Firehose support, and more. 

In September, the Splunk Threat Research Team had 2 releases of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

We’re excited to announce a powerful update to Splunk Data Management with added support for Amazon Data Firehose in Edge Processor! This enhancement enables you to use Amazon Data Firehose (formerly Amazon Kinesis Data Firehose) as a data source, offering greater flexibility and efficiency in managing data streams. With integration across over 20 AWS services, you now can easily stream data into Splunk from sources like Amazon CloudWatch, SNS, AWS WAF, Network Firewall, IoT, and more.

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better cost and data controls, and simplified GDI for new users.

Customer-configured email-based alerting is a first-class workflow supported by Splunk. We know how vital alerting can be to our customers. We are pleased to announce that Splunk Cloud FedRAMP High customers are also able to send email notifications to themselves for critically configured email-based alerts from the stacks now. Please take a moment to review a summary of the changes being introduced.

Explore what's new in Splunk Cloud Platform 9.2.2406. Learn how this latest release continues to boost efficiency, optimizing search performance and seamlessly routing data.

In August, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!

This month is a collection of special news! From Magic Quadrant updates to AppDynamics integrations to Regional Expansion and feature enhancements, Splunk delivers a new level of observability to ITOps and engineering teams to accelerate their troubleshooting workflows and effectively reduce their MTTx. Read on for the details!

Accelerate root cause analysis in your traditional environments with Log Observer Connect, a one-click button integration between Splunk Cloud's powerful logging and AppDynamic's in-depth view of three-tier application and infrastructure's performance!

We’re improving the look of Observability Cloud’s search capability. Search is a fast and easy way to navigate, and can also be a good way to discover available resources that are relevant to your use case, especially if you’re just getting started with Observability Cloud. 

In July, the Splunk Threat Research Team had three releases of new security content via the Enterprise Security Content Update (ESCU) app. Read on for the details!

The latest enhancements to the Observability Portfolio deliver more assisted onboarding and expanded content out of the box for faster time to value. Plus, enhanced issue detection, more flexible configurations, simplified integrations, and smarter insights help to streamline troubleshooting across your entire stack for faster MTTx.

Splunk initially announced the removal of Python 2 during the release of Splunk Enterprise 8.0.0, aiming to align with the latest Python versions. In our ongoing effort to stay up-to-date with the latest libraries and packages, Splunk has gradually started phasing out Python 2 from its codebase. Python 2 has already been removed from Splunk Enterprise 9.3, and starting with this version, the default Python interpreter has been upgraded from Python 3.7 to Python 3.9. Splunk Cloud has also begun the process of removing Python 2 from the remaining customer stacks, with the latest release upgrading these stacks to use Python 3.9 as the default interpreter. 

For more information on Python upgrade, please visit Python 3 Migration documentation.  

With Splunk ITSI’s new 4.19 release, you can now experience many new GA capabilities and features in preview. Come see how to increase your time to value through simplifying service decomposition, faster onboarding and enhanced troubleshooting at scale. 

Explore what's new in the Splunk Enterprise 9.3 release. See how we continue to help you seamlessly route data, save time with scheduled exports and optimize search performance.

Explore what's new in the most recent Splunk Cloud Platform release!

This month is Observability Cloud, we’ve released:

1. Latency-based SLOs and SLIs in Dashboards
2. Automatic Discovery and Configuration for IM for MongoDB, Kafka
3. APM Advanced Filtering 
4. APM Usage Analytics

In June, the Splunk Threat Research Team had two releases of new security content via the Enterprise Security Content Update (ESCU) app. Read on for the details!