How do I calculate the Enterprise security App lic...

vsskishore · ‎12-02-2018

How do I calculate the Enterprise security App license usage ? Is it different from the Spunk Enterprise license ? Does the ES app use the base indexes of Splunk Enterprise or does it contain separate indexes ?

inventsekar · ‎12-02-2018

Question - How to calculate the Enterprise security App license usage ?
As per my understanding - Splunk ES is an app that sits on top of base Splunk. so, you need license for Base Splunk, that is enough.
As per below link also, Splunk Enterprise Security is a Splunk Premium Solution, which requires a Splunk Enterprise license or Splunk Cloud subscription.
Splunk Enterprise Security software is priced by how much data you send into your Splunk installation in a day.
https://www.splunk.com/en_us/software/pricing/faqs/cyber-security.html#Splunk-ES

Question - Is it different from spunk enterprise license ?
no. as explained above, no.. Splunk ES license is not different from splunk license.

Question - Is ES app use the base indexes of Splunk enterprise or does it contain separate indexes ?
Splunk ES uses base splunk's indexes.
and it uses some more indexes for its custom calculations.
more info here -
https://docs.splunk.com/Documentation/ES/5.2.0/Install/Indexes

As you are a new user to Splunk Answers, you can upvote the answers/comments,
if this answer resolved your query, you can select this answer and "accept" it as the answer, so that this question will be moved to answered queue. Happy Splunking!

How do I calculate the Enterprise security App license usage ?

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!