Splunk Enterprise Security

Is it possible to use Splunk Enterprise Security with the free trial version of Splunk Enterprise to test if it meets our requirements for SIEM?

Monica7
New Member

Hi,

I need some clarifications on Splunk Enterprise and Splunk Enterprise Security.

I would like to implement SIEM with Splunk Enterprise Security. I came to know that we have to get a licensed version of Splunk Enterprise and Splunk Enterprise Security license cost.

First we would be trying to implement SIEM with Splunk Enterprise Security in a Linux Development environment with the free trial version of Splunk Enterprise. I have one question here. With the free trial version of Splunk Enterprise (500 MB/day) which is valid for 60 days, is it possible to use premium solution app (Splunk Enterprise Security)?

if Splunk Enterprise Security met all our requirements for SIEM, then we would proceed with the purchased version of Splunk Enterprise and Splunk Enterprise security in Production Linux environment.

Could you please clarify as early as possible?

0 Karma

smoir_splunk
Splunk Employee
Splunk Employee

You can request a license for Splunk Enterprise Security for development purposes only using the email address on this page: http://dev.splunk.com/view/enterprise-security/SP-CAAAFA6

If you want to evaluate Splunk Enterprise Security as a product, it's best to use the free online sandbox here: https://www.splunk.com/getsplunk/es_sandbox

Monica7
New Member

Hi,

We have requested for developer license in the below link on Friday IST.

http://dev.splunk.com/view/enterprise-security/SP-CAAAFA6

we have got mail from Splunk license team with the subject Splunk developer license. Below is the content of that mail.

**** THIS MESSAGE IS SENT FROM AN UNMONITORED MAILBOX. DO NOT REPLY TO THIS MESSAGE ****

Hello,

Thank for requesting a Splunk Developer Trial license. We want to ensure that you have all of the support and resources you need to be successful developing with Splunk. Get started material, downloads, documentation, code samples and tutorials can be found at http://dev.splunk.com. You can get the latest updates by following us on Twitter: https://twitter.com/splunkdev

Here are some additional resources:

Python SDK - http://dev.splunk.com/view/python-sdk/SP-CAAAEBB
Java SDK - http://dev.splunk.com/view/java-sdk/SP-CAAAECN
JavaScript SDK - http://dev.splunk.com/view/javascript-sdk/SP-CAAAECM
Ruby SDK - http://dev.splunk.com/view/ruby-sdk/SP-CAAAENQ
PHP SDK - http://dev.splunk.com/view/php-sdk/SP-CAAAEJM
C# SDK - http://dev.splunk.com/view/csharp-sdk/SP-CAAAEPK
Splunk's web framework - http://dev.splunk.com/view/web-framework/SP-CAAAER6 & the web framework toolkit: http://apps.splunk.com/app/1613/ Dev Tools: Splunk Plug-in for Eclipse & Java Monitoring - http://dev.splunk.com/view/tools/SP-CAAAEQ2

We are always interested in learning more about your use case to use in a SplunkLive and don't hesitate to let us know if you have questions and/or feedback at devinfo@splunk.com

License Details:
Product: Splunk Developer Personal License NOT FOR RESALE
Size: 10 GB

Expiration Date: June 9, 2017 10:32am

When we tried to access http://dev.splunk.com to download the developer license . But we have got the below error

url: dev.splunk.com/page/developer_license_signup/pre-refresh


Whoop! you have already got a license there partner!
You have already requested a developer license. you should have received your license via email.

If you'd like to request a refresh license because yours has expired. Please do so.

We are not having any option to download and install developer license. Please help on this.

2.

If you want to evaluate Splunk
Enterprise Security as a product, it's
best to use the free online sandbox
here:
https://www.splunk.com/getsplunk/es_sandbox

As we are having security information available in the logs, we cant use free online sandbox trial of Splunk Enterprise Security. Is there any other trial version of Splunk Enterprise Security available?

0 Karma

smoir_splunk
Splunk Employee
Splunk Employee

At this point it's best to work with sales, as that is the only way to get a PoC of Splunk Enterprise Security. You already have a developer license for Splunk Enterprise, based on the email you received. You can get a developer license for Splunk Enterprise Security, but remember that developer licenses are meant for developing content, not evaluating the product.

koshyk
Super Champion

Best way to do is
- request for a developer license. Your splunk will get license
- Speak to your partner or Splunk sales to get a copy of Splunk Enterprise Security

http://dev.splunk.com/view/enterprise-security/SP-CAAAFA6

Ensure your test/dev system has enough resources to run Enterprise Security (min 16GB RAM)

0 Karma

Monica7
New Member

this developer license is only applicable for Development environment right?

If we want to implement SIEM in production , then we have to purchase license?

If I want to request for developer license, where can I request it?

0 Karma

koshyk
Super Champion

developer license, you cannot use for PROD. you need to pay for that license.
I've put the link in my answer already to request for it.
(also if the answer helped, please upvote/mark as answer. cheers)

0 Karma

Monica7
New Member

For developer License, can you share the pricing details?

Instead of using free trial version of Splunk Enterprise , you are asking me to use developer license for Splunk Enterprise . so that only we can get the copy of Splunk Enterprise security. Right?

With the free trial version of splunk enterprise , we cant get copy of Splunk enterprise security.Am I right?

Kindly clarify my above queries

0 Karma

koshyk
Super Champion

Developer license is free. You just need to request it. It gives you 10GB free indexing per day
Key advantages are
- Every 6 months you can renew for free
- You can have full clustering capability with this license
- Full Splunk Enterprise stack options available (eg alerting, sh clustering etc)

Splunk Enterprise Security is NOT free. I'm not sure how you can get it. We get it from our partner for trial purposes, but I don't know how you work. May be have a word with Sales team for Splunk Enterprise Security

Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

Splunk is officially part of Cisco

Revolutionizing how our customers build resilience across their entire digital footprint.   Splunk ...

Splunk APM & RUM | Planned Maintenance March 26 - March 28, 2024

There will be planned maintenance for Splunk APM and RUM between March 26, 2024 and March 28, 2024 as ...