Splunk Enterprise Security

Why does latest version of ES CU app indicates exploring Analytical Stories through ES or Sec Essentials App ?

dm1
Communicator

Just downloaded the latest version of ES Content Update app and noticed the following message:

Explore the Analytic Stories included with Splunk Security via ES Use Case Library or Splunk Security Essentials.

 

Is there a particular reason why this is stated?

This is sort of getting confusing as to which would be the best app to leverage the use cases/analytical stories.

 
 
Labels (1)
0 Karma
1 Solution

lkutch_splunk
Splunk Employee
Splunk Employee

 ES Content Update app got a UI update and some parts have been removed, as mentioned in Release Notes:

 

If you already have Enterprise Security, then it's easiest to see them in the Use Case Library: 

https://docs.splunk.com/Documentation/ES/6.5.1/Admin/Usecasecontentlibrary

 

If you don't already have Enterprise Security, then you can use Security Essentials as a first step in your security journey & see them in there. 

View solution in original post

0 Karma

lkutch_splunk
Splunk Employee
Splunk Employee

 ES Content Update app got a UI update and some parts have been removed, as mentioned in Release Notes:

 

If you already have Enterprise Security, then it's easiest to see them in the Use Case Library: 

https://docs.splunk.com/Documentation/ES/6.5.1/Admin/Usecasecontentlibrary

 

If you don't already have Enterprise Security, then you can use Security Essentials as a first step in your security journey & see them in there. 

View solution in original post

0 Karma
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!