Product News & Announcements
All the latest news and announcements about Splunk products. Subscribe and never miss an update!

Introducing Splunk Assist!

brittanyc
Splunk Employee
Splunk Employee

At .conf we'll unveil the general availability of Splunk Assist, a fully managed cloud service that provides deep insights into the security posture of Splunk Enterprise deployments. Assist continually helps Splunk admins get cloud-powered insights with the latest recommendations from Splunk Cloud. Assist is included as part of Splunk Enterprise version 9.0, making it feasible for Splunk admins to immediately access and act on recommendations. Since Assist is cloud-powered, customers will see new features and capabilities that continually get better over time.

Prior to Assist, Splunk administrators used to manually configure and monitor Splunk Enterprise deployments to ensure they remained updated and secured, whether running on-premises or in public cloud providers such as Amazon Web Services (AWS), Azure, and Google Cloud Platform. Splunk environments have many customizable settings. As the number of nodes in a Splunk deployment grows, it can get harder to keep track of security settings, app patches, and expiring transport layer security (TLS) certificates. Tasks like alerting on security vulnerabilities, hardening security configuration knobs, and staying up to date with security patches take time and resources away from higher valued-added tasks that are tied directly to business value for customers.

Assist will analyze your Splunk deployment and compare the settings in your deployments against best practice security configurations used to run optimized Splunk Cloud deployments. Assist constantly evaluates your security posture and alerts administrators with recommendations tailored to the specific needs of their business. Administrators can easily review and act on the recommendations, remaining in full control of their Splunk deployments. 

There are four simple steps to enabling Splunk Assist:

  1. Install or upgrade Splunk Enterprise to 9.0
  2. Enable “Support Usage Data”: Confirm Support Usage Data (SUD) is enabled
  3. Upgrade network settings: Open port 443 and allow outbound traffic to *.scs.splunk.com
  4. Activate Splunk Assist: Use a unique one-time activation code tied to your license to secure your data in the cloud

Questions or feedback? Contact the team at ssg-splunk-assist@splunk.com.

— Brittany Coppola, Product Marketing Manager

Get Updates on the Splunk Community!

Registration for Splunk University is Now Open!

Are you ready for an adventure in learning?   Brace yourselves because Splunk University is back, and it's ...

Splunkbase | Splunk Dashboard Examples App for SimpleXML End of Life

The Splunk Dashboard Examples App for SimpleXML will reach end of support on Dec 19, 2024, after which no new ...

Understanding Generative AI Techniques and Their Application in Cybersecurity

Watch On-Demand Artificial intelligence is the talk of the town nowadays, with industries of all kinds ...