In April, the Splunk Threat Research Team had 2 releases of new security content via the Enterprise Security Content Update (ESCU) app (v5.3.0 and v5.4.0). With these releases, there are 42 new analytics and 14 new analytic stories now available in Splunk Enterprise Security via the ESCU application update process.
We at Splunk are excited to kick off a new series of blogs dedicated to helping you understand the compliance landscape and new feature opportunities in the next platform upgrade for Splunk Enterprise and Splunk Cloud Platform. Each edition will provide essential updates for Splunk administrators and application developers, focusing on key benefits and modernizations. Think of this series as a one-stop-shop and look back on new announcements and required actions to prepare your environment and applications for the next upgrade.
This month, we’re delivering several platform, infrastructure, application and digital experience monitoring enhancements across Splunk Observability Cloud to help engineering teams gain earlier detection and faster investigation of business-impacting issues.
Today, we are excited to announce that you can now see everything related to your team directly on your homepage. Easily see your Splunk APM services, dashboards, top alerts, and team members of every team you’re part of, and join teams directly on the homepage.
You asked, and we delivered! SPL just got easier with the latest release of the Splunk AI Assistant for SPL app 1.1.0, offering general availability of a new personalization feature. The AI Assistant now understands your environment, generating more accurate SPL from natural language prompts. Check out what’s new in v1.1.0 and learn how to get started today.
In March, the Splunk Threat Research Team had two releases of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!
Celebrate the beta launch of the Splunk Developer Program by joining the Splunk Build-a-thon! Explore the four exciting tracks: App Development, Add-on Integration, Data Management, and AI/ML. Build innovative solutions using Splunk’s developer tools and compete for prizes including .conf25 passes, Splunk EDU credits, and Cisco Store gift cards.
Ready to unlock the power of AI in Splunk? The AI Adoption Hub was built for practitioners who want to learn about and get started with AI at Splunk. It’s packed with expert-curated resources and insights to help you harness AI’s power to improve digital resilience. Check it out!
We’ve identified and fixed an issue which affected detector alerts in Splunk Synthetic Monitoring. All Synthetic Detectors will be restarted and users may receive a notification indicating that a prior detector has stopped. Incoming data from this restart may also trigger a new alert.
Splunk is excited to announce new innovations that help simplify complex operations, enhance performance, and leverage AI to bring together proactive insights, assisted workflows, and much more.
Bringing you an awesome opportunity to take your data management and SPL2 skills to the next level! Join us for a 3-part technical workshop series happening from February-March. Harness the power of SPL2 to transform and route data with Edge Processor and Ingest Processor. Then, learn how to leverage SPL2 to build apps that extend the capabilities of the Splunk platform.
In January, the Splunk Threat Research Team had one release of new security content via the Splunk ES Content Update (ESCU) app. In addition to new security content, this release introduces ESCU 5.0, which delivers several new exciting enhancements designed to help further security operations. Check out this post for more details!
This month’s releases across the Splunk Observability portfolio deliver earlier detection and faster investigation of business-impacting issues powered by AI, even more options for comprehensive visibility, improved alert noise control to help users prioritize the issues that matter, and faster, more intuitive onboarding to speed time to value.
A few months ago, we released Splunk Enterprise Security 8.0 for our cloud customers. Today, we are excited to announce that Splunk Enterprise Security 8.0 is available now for our on-premise customers!
At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk Enterprise Security, Splunk SOAR, and Splunk Attack Analyzer. We know just how eager the community has been to see these integrations come to fruition, so we’re thrilled to share that all of the integrations are live for Splunk Security (cloud) customers.
This blog post aims to give Splunk customers (both Splunk Enterprise and Splunk Cloud) a heads-up about the actions they’ll need to take to prepare for upgrading to a Splunk version (coming soon) that will upgrade its core cryptographic library from OpenSSL 1.0.2 to OpenSSL 3. Splunk may additionally produce an Upgrade Readiness experience that will assist customers in identifying specific action items they need to take, but we don’t want to wait for such tooling to become available to start taking action.
In December, the Splunk Threat Research Team had one release of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!
Correct detection engineering is crucial to make sure your Splunk Enterprise Security instance is giving you full visibility on the threat events happening in your network.
Sometimes we will find ourselves troubleshooting why a detection wasn't triggered. Here is the first of a series of blogs talking about my own experience.
Hey Splunky People!
Splunk Enterprise 9.4 is here, packed with game-changing features to enhance visibility, streamline investigations, and optimize response times. Explore updates like the enhanced Deployment Server, Dashboard Studio improvements, and the SPL2 public beta for custom app flexibility.
Ready to discover the tools to drive your digital resilience? Read on to learn more.
In November, the Splunk Threat Research Team had one release of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!
As of Splunk Cloud Platform 9.3.2408 and Splunk Enterprise 9.4, Classic dashboard export features are now deprecated. Use Dashboard Studio for dashboard exports going forward. Check out this Lantern article to learn more.
The latest enhancements across the Splunk Observability portfolio deliver greater flexibility, better data and cost controls, cross-portfolio integrations, and more intuitive workflows to streamline troubleshooting across any environment and help ITOps and Engineering teams strengthen their observability practice to build digital resilience.
Admin and Power users now have a new and improved Token Management interface, with Long-Lived tokens, and improved token visibility and rotation, all within a new design aligned with Splunk Cloud.
In October, the Splunk Threat Research Team had one release of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!
We are excited to announce several exciting updates for Edge Processor aimed at hardening overall product resiliency and support for additional data sources! Read more about data export queuing resilience, Edge Processor receiver acknowledgement from HEC sources, AWS Data Firehose support, and more.
In September, the Splunk Threat Research Team had 2 releases of new security content via the Enterprise Security Content Update (ESCU) app. Check out this post for the full details!
Where are you on your adoption journey? Take the quick Security or Observability Resilience Check quiz to find out!