Product News & Announcements
All the latest news and announcements about Splunk products. Subscribe and never miss an update!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
New Article

Introducing Splunk Assist!

brittanyc
Splunk Employee
Splunk Employee
‎06-16-2022 09:00 AM

At .conf we'll unveil the general availability of Splunk Assist, a fully managed cloud service that provides deep insights into the security posture of Splunk Enterprise deployments. Assist continually helps Splunk admins get cloud-powered insights with the latest recommendations from Splunk Cloud. Assist is included as part of Splunk Enterprise version 9.0, making it feasible for Splunk admins to immediately access and act on recommendations. Since Assist is cloud-powered, customers will see new features and capabilities that continually get better over time.

Prior to Assist, Splunk administrators used to manually configure and monitor Splunk Enterprise deployments to ensure they remained updated and secured, whether running on-premises or in public cloud providers such as Amazon Web Services (AWS), Azure, and Google Cloud Platform. Splunk environments have many customizable settings. As the number of nodes in a Splunk deployment grows, it can get harder to keep track of security settings, app patches, and expiring transport layer security (TLS) certificates. Tasks like alerting on security vulnerabilities, hardening security configuration knobs, and staying up to date with security patches take time and resources away from higher valued-added tasks that are tied directly to business value for customers.

Assist will analyze your Splunk deployment and compare the settings in your deployments against best practice security configurations used to run optimized Splunk Cloud deployments. Assist constantly evaluates your security posture and alerts administrators with recommendations tailored to the specific needs of their business. Administrators can easily review and act on the recommendations, remaining in full control of their Splunk deployments. 

There are four simple steps to enabling Splunk Assist:

  1. Install or upgrade Splunk Enterprise to 9.0
  2. Enable “Support Usage Data”: Confirm Support Usage Data (SUD) is enabled
  3. Upgrade network settings: Open port 443 and allow outbound traffic to *.scs.splunk.com
  4. Activate Splunk Assist: Use a unique one-time activation code tied to your license to secure your data in the cloud

Questions or feedback? Contact the team at ssg-splunk-assist@splunk.com.

— Brittany Coppola, Product Marketing Manager

2 Comments
Get Updates on the Splunk Community!

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...