For more information, please visit the Splunk ES Content Update user documentation.
Enterprise Security Content Updates v1.0.42 was released on August 28, 2019, and included the following bug fixes:
* Excessive WARN messages due to incorrect default.meta
* Error with DNS Query Length With High Standard Deviation detection
* Add MITRE tactic where only technique is listed
* Errors with analyticstories.conf when running btool
For complete documentation, please visit: https://docs.splunk.com/Documentation/ESSOC/1.0.42
Splunk Enterprise Security Content Updates (ESCU) 1.0.41 Copyright (C) 2019 Splunk Inc. All rights reserved.
ESCU 1.0.41 was released on July 31, 2019. It introduced the following improvement:
The Analytic Story "Suspicious Email" was updated to incorporate the output from the "Suspicious Email" anomaly from Splunk User Behavior Analytics (UBA).
CRL-1587 Broken search: Sc.exe manipulating Windows services
CRL-1577 Usage Details dashboard not rendering
CRL-1586 Detection for "Process Execution via WMI" has incorrect search
CRL-1555 Analytic Stories not rendering
For complete documentation, please visit: https://docs.splunk.com/Documentation/ESSOC/1.0.41