Convenience and performance have been improved with features such as Python 3.7 support and workload management!

Splunk Enterprise 8.0 Key Additions

The following features have been added in the newly released "Splunk Enterprise 8.0".

Python 3.7 support

  • Python 3.7 is now supported in Splunk Enterprise 8.0.
    1. On January 1, 2020, the Python Software Foundation will end support for the Python 2.x series.
    2. Due to the above, Splunk Enterprise 8.0 has migrated the affected functions to Python 3.7.
    3. Splunk Enterprise 8.0 includes the Python 2.7 and 3.7 runtimes, but future releases of Splunk Enterprise will no longer include the Python 2.7 runtime.

Workload management enhancements

  • It is now possible to extend the functionality of workload rules and specify schedules and actions.
    1. The following Predicate (condition specification) types have been added for creating workload rules.
      ・search_type, search_mode, search_time_range, runtime
    2. It is now possible to specify a schedule and an action in addition to the Predicate (condition specification) when creating a workload rule.
    3. By specifying a schedule for a workload rule, you can set an expiration date for the rule.
      ・The schedule is an optional setting, not a required one.
    4. By specifying actions in workload rules, you can perform specific actions when the conditions in the rule are met.
      ・Example: Stop (kill) the search process
      ・Example: Display a message, etc.

Analytics (Metrics) Workspace Extensions

  • The metric workspace function has been renamed and the visualization function has been expanded.
    1. The Metric Workspace feature has been renamed to the Analytics Workspace feature.
    2. In addition to the Line chart type, visualization has been expanded with chart types such as Area and Column.
    3. Custom specification of the time range is now possible.

Monitoring console enhancements (New Health Check)

  • A summary page has been added to the monitoring console where you can check the health status.
    1. You can check the status and the health of each site and configuration on the summary page.
  • If any signs of anomalies are found on the summary page, notifications can be sent in the following ways.
    ・Splunk Mobile (iOS app)
    ・E-mail
    ・Webhook

Enhanced security with support for token authentication

  • Authentication tokens are now supported for SAML users of the REST API and CLI.
    1. Support for token authentication enables more secure authentication.
    2. Authentication by token is disabled by default.
    3. To enable it, go to "Settings -> Users and Authentication -> Tokens".
