Generate a report with the AI Assistant

How to create and export an investigation report with the AI Assistant

Note: AI features for Splunk Enterprise Security must be turned on by an administrator on the Security AI Assistant settings page. The AI features in Splunk Enterprise Security are subject to Microsoft's Azure OpenAI

Acceptable Use Policy

and Code of Conduct Content requirements.
Generate full reports to help document or escalate a findings or investigation. You can download the report as a PDF, add it in a note, or attach it as a file.
  1. Select a finding or investigation from the analyst queue.
  2. For investigations, select View details to open the investigation Overview page.
  3. Select the AI Assistant icon ()to open the chat box and get started.
  4. Splunk Enterprise Security provides a few default requests to ask the AI Assistant. Select Generate investigation report or Generate finding report.
    Note: If the AI Assistant is generating too long of a response, you can select the stop icon () to stop the AI Assistant.
  5. To save the report, select from the following icon options:
    1. Attach as file ()
    2. Add as note ()
    3. Download as PDF ()
The AI Assistant generates a report summary and adds it to the finding or investigation. To see an example scenario using the AI Assistant, see Scenario: Jordan uses the AI Assistant to summarize an investigation and generate SPL.