SPECIFIC TERMS FOR SPLUNK OFFERINGS

Secure Gateway app facilitates communication between mobile devices and Splunk instances with an end-to-end encrypted free cloud service called Spacebridge. Spacebridge cloud service environment, and the service itself, is separate from the Splunk Enterprise and Splunk Cloud offering. Spacebridge is a free Hosted Service and use is subject to Splunk General Terms available at: https://www.splunk.com/en_us/legal/splunk-general-terms.html. See here to learn more about the Spacebridge offering. Learn more

You may not transmit regulated data, including PHI data or PCI data, to Spacebridge unless you are using Spacebridge with a managed Splunk Cloud deployment and have specifically purchased the applicable regulated environment for that managed Splunk Cloud deployment. Spacebridge does not leverage the FIPS 140-2 validated Splunk Cryptographic Module and may not be used in environments that require this standard.

You must agree to use Spacebridge to use Splunk Secure Gateway. If you want to permanently disable the use of Spacebridge, you must disable Splunk Secure Gateway. Disable Splunk Secure Gateway in Apps > Manage Apps. If you’re using a managed Splunk Cloud deployment, file a support ticket to disable Splunk Secure Gateway.

Splunk Asset and Risk Intelligence

1. Security Industry Certifications
   Customer acknowledges and agrees that Splunk Asset and Risk Intelligence has not yet undergone a security audit by an independent third party and therefore does not have SOC2 or ISO27001 certification.
2. Support
   Support for Splunk Asset and Risk Intelligence is set out at https://www.splunk.com/en_us/pdfs/data-sheets/asset-risk-intelligence.pdf

1. Service Level Schedule
   The Service Level Schedule for the Splunk Attack Analyzer, set out at https://www.splunk.com/en_us/legal/attack-analyzer-service-level-schedule.html, will apply to service availability of the Splunk Attack Analyzer Hosted Service. Customer will be entitled to service credits for downtime in accordance with the Service Level Schedule.
   
2. Support
   Support for Splunk Attack Analyzer is set out at https://www.splunk.com/en_us/pdfs/data-sheets/attack-analyzer.pdf.
   
3. Security of Customer Content
   Splunk maintains administrative, physical and technical safeguards to protect the security of Customer Content on Splunk Attack Analyzer as set out in the Splunk Attack Analyzer Security Exhibit located at https://www.splunk.com/en_us/legal/splunk-attack-analyzer-security-exhibit.html (“SAA Security Exhibit”).
   
   
4. Use of Customer Content
   The operation and functionality of Splunk Attack Analyzer depends on the continuous improvement of detection capabilities through the application of threat intelligence information that is derived from the data our customers submit to the Splunk Attack Analyzer service. Accordingly, Customer agrees that Splunk may use Customer Content submitted to Splunk Attack Analyzer for purposes of analyzing threat trends, enhancing detection capabilities, and otherwise testing, improving and operating Splunk’s products and services, provided that Customer Content will not be disclosed to any third party except in aggregated format and in a manner that does not identify Customer as the source of the Customer Content and could not otherwise be attributable to Customer or any individual. Cisco’s Talos Threat Hunting Service may be deployed as part of the Splunk Attack Analyzer service in which case the Cisco Talos team may access Customer Content if such data triggers or is related to a security event. Talos Threat Hunting will process data as set forth in the Threat Hunting Privacy Data Sheet.

1. Threat Data Usage.
   The operation and functionality of Splunk security Offerings depends on continuously updating and improving detection capabilities through the application of threat intelligence, threat detection, and security event information that is derived from the data our customers submit to Splunk’s Enterprise Security Hosted Service (“Threat Data”). Accordingly, Customer instructs and grants Splunk the right to extract a copy of Threat Data and use Threat Data in connection with providing, creating, and improving our Offerings, which includes training and improving algorithms, detections, and models, and using artificial intelligence, machine learning, and other techniques with Threat Data to gain insights, and to make the Offerings more responsive and predictive to the needs of you and our customers , and to grant to others rights to do any of the foregoing, provided that in all cases Splunk’s use of Threat Data is subject to Splunk’s obligations under the General Terms with respect to Customer Content and Confidential Information. More information about this use is set out in our Documentation at https://docs.splunk.com/Documentation/ES/latest/User/ShareThreatData.
2. Use of Customer Content by Cisco Talos
   Cisco’s Talos Threat Hunting may be deployed as part of the Splunk Enterprise Security service.  The Cisco Talos team may access Customer Content if such data triggers or is related to a security event. Talos Threat Hunting will process data as set forth in the Threat Hunting Privacy Data Sheet.
3.  

1. Service Description
   https://docs.splunk.com/Documentation/SIM/current/User/Intelligenceoverview
2. Security
   Customer hereby acknowledges and agrees that Splunk Intelligence Management no longer has SOC2 attestation as audited by an independent third party. 

Use of Customer Content by Cisco Talos.

Cisco’s Talos Threat Hunting may be deployed as part of the Splunk SOAR service. The Cisco Talos team may access Customer Content if such data triggers or is related to a security event. Talos Threat Hunting will process data as set forth in the Threat Hunting Privacy Data Sheet.

If you access or use any Hosted Services in the specially isolated Amazon Web Services (“AWS”) GovCloud (US) region that are provisioned in a FedRAMP or StateRAMP authorized environment (“Government Cloud”), you acknowledge the Government Cloud is a more restricted environment.

Customer acknowledges that FedRAMP Moderate or StateRAMP Moderate authorized offerings will only meet the standards of an authorized FedRAMP Moderate or StateRAMP Moderate Hosted Service, respectively, if Customer performs its obligations as set out in both the “FedRAMP Low or Moderate Control Implementation Summary (CIS) Worksheet” and the “FedRAMP Low or Moderate Customer Responsibility Matrix (CRM) Worksheet” available from Splunk upon request. Customer acknowledges that FedRAMP High authorized offerings will only meet the standards of an authorized FedRAMP High Hosted Service if Customer performs its obligations as set out in the “SSP Appendix J Control Implementation Summary (CIS) and Customer Responsibility Matrix (CRM) Workbook” available from Splunk upon request. To maintain the security of the FedRAMP or StateRAMP authorized offerings, Customer agrees to cooperate with Splunk to remediate any security vulnerabilities upon Splunk’s request.

Business Associate Agreement

Splunk will comply with the requirements and obligations in the Splunk Business Associate Agreement set out at https://www.splunk.com/en_us/legal/splunk-baa.html for (i) Hosted Services provisioned in Splunk Cloud Platform’s Premium HIPAA environment, as specified in an Order; and (ii) Splunk Observability Cloud.

1. TERMS

   Your use of a Splunk® AI Offering (“AI Offering”) is governed by the Splunk General Terms (“SGT”) and these Specific Terms for Splunk Offerings, including those set forth in this Splunk AI Offerings section (“Specific Offering Terms,” and the SGT and Specific Terms, “Terms”). By using an AI Offering, you agree to be bound by the Terms. If you are entering into these Terms on behalf of Customer, you represent that you have the authority to bind Customer. If you do not agree to the Terms, or do not have the authority to bind Customer, do not use Splunk’s AI Offerings. For clarity, these Specific Terms hereby incorporate the SGT terms by reference.

2. SERVICE DESCRIPTION.

   AI Offerings are elements of the respective Offerings through which they are made available. The functionality and details relevant to specific AI Offerings are set forth in the Documentation pertinent to such underlying Offerings, or, in the case of AI Assistants, in the respective Assistant Documentation. Your use of each AI Offering, is subject to the conditions, limitations, and requirements set forth in the Documentation and/or Assistant Documentation, together with the Terms. AI Offerings may include features and functionality that include, but are not limited to, generative artificial intelligence ("genAI") and Agentic AI Features.
   

3. PURPOSE AND USE.

   When you interact with an AI Offering, Splunk will use your Inputs, Context Data, and Outputs (collectively, “AI Service Data”) to provide, operate, maintain, and Modify the AI Offerings, to comply with applicable law, and to enforce these Terms. For clarity, as used in this Section, "Modify" does not include Training and Fine-Tuning. By using an AI Offering, you hereby grant Splunk a perpetual, irrevocable, worldwide, royalty-free, non-exclusive, sub-licensable, fully paid-up license to access and use the AI Service Data for such purposes.

4. TRAINING AND FINE-TUNING.

   If you do not expressly withhold consent to Splunk’s use of your AI Service Data for Training and Fine-Tuning by deactivating the “opt-in” setting in the AI Offering settings, then in addition to the uses described in Section 3 above, Splunk may use your AI Service Data for the purpose of Training and Fine-Tuning AI Models. You may opt out of this use of your AI Service Data in the user interface settings. By using an AI Offering and not toggling off the collection of AI Service Data for Training and Fine-Tuning, you agree that, in addition to the rights granted to Splunk in Section 3 above, you also hereby grant Splunk a perpetual, irrevocable, worldwide, royalty-free, non-exclusive, transferrable, sublicensable (through multiple tiers), fully paid-up license to use and transform your AI Service Data for the purpose of Training and Fine-Tuning AI Models in any form, medium or technology now known or later developed and to commercialize such AI models and make derivatives thereof. You acknowledge and agree that some AI Service Data may be replicated in outputs for third parties who use the AI Offering that has been Trained or Fine-Tuned with your AI Service Data and may therefore be disclosed; you consent to such disclosure and use.

5. FEEDBACK.

   “Feedback” has the meaning ascribed to it in the SGT and includes in-product Feedback. Notwithstanding any election to opt-out of the use of your AI Service Data for Training and Fine-Tuning as described above, any Feedback you provide may be used by Splunk for any legal purpose, including without limitation, Training and Fine-Tuning.

6. OWNERSHIP OF INPUTS.

   As between you and Splunk, Inputs, except any Pre-existing Splunk Content, are owned by you. For each Input, you represent and warrant that you have all rights necessary for you to grant the licenses granted in these Terms, and that such Input, and your provision thereof to and through an AI Offering, comply with all applicable laws, rules and regulations, and these Terms..
   

7. OWNERSHIP OF OUTPUTS.

   Except with respect to Pre-existing Splunk Content, as between you and Splunk, Outputs are owned by you. You will have the right to access and use the Pre-existing Splunk Content in connection with your applicable Offerings, and those rights will be of the same scope and duration as your rights to the underlying Offering.

8. RESTRICTIONS AND ACCEPTABLE USE

   In using an AI Offering, you must comply with the acceptable use policy set forth in the Policy. In addition, you may not, and may not allow any user or third party to: (i) use an AI Offering in a way that violates any person’s rights; (ii) use an AI Offering or any Output from an AI Offering to develop or improve models (or other product or service) that are similar to or compete with Splunk or LLM service providers, or to benchmark or to Train any other model; (iii) work around any technical limitations in an AI Offering or restrictions in Documentation; (iv) install or use any third-party software or technology in a way that would subject an AI Offering or any portion thereof to any other license; (v) use an AI Offering or Outputs for any activity for which applicable regulations would require licensure by a local, state, or federal agency or regulatory body if performed by a human (vi) use any Output relating to a person for any purpose that could have a legal or material impact on that person, such as making credit, educational, employment, housing, insurance, legal, medical, or other important decisions about them (including, but not limited to, the uses described in Section 9 below). Your access to and use of an AI Offering is subject to temporary throttling in Splunk’s reasonable discretion in accordance with relevant Documentation.
   

9. NO HAZARDOUS OR MEDICAL USE.

   You acknowledge and agree that an AI Offering is not designed or intended: (i) to support any use in which a service interruption, defect, error, or other failure of an AI Offering could result in the death or serious bodily injury of any person or in physical or environmental damage (collectively, “Hazardous Use”); or (ii) for use as a medical device(s), to be a substitute for professional medical advice, diagnosis, treatment, or judgment (“Medical Use”). You shall not, and shall not permit anyone to, make Hazardous Use or Medical Use of an AI Offering or Output. You will defend, indemnify and hold Splunk and its affiliates harmless from and against all damages, costs and attorneys' fees in connection with any claims arising from a Hazardous Use or Medical Use in connection with an AI Offering, including any claims based in strict liability or that Splunk (or any of Splunk’s suppliers) was negligent in designing or providing the AI Offering (or any part thereof) to you.
   

10. THIRD-PARTY SERVICE PROVIDERS.

    The AI Offering may integrate with a third-party AI service as outlined herein or in the applicable AI Offering Documentation. In cases where such third-party integration is embedded in the AI Offering as provided to you by Splunk, and Splunk transmits your AI Service Data to the third party, Splunk will bind the third party to contractual obligations to afford confidentiality and security safeguards to such AI Service Data that are consistent with those by which Splunk is bound. You consent to Splunk sending your AI Service Data to such third-party AI service to provide the AI Offering services and for the purposes agreed herein.

11. DISCLAIMER OF WARRANTIES.

    Splunk does not offer any representation or warranties, express or implied, that Outputs are accurate or free from error or bias. You should independently evaluate the Outputs through human review, including to make sure that such Outputs are accurate, lawful, and otherwise appropriate and permissible under these Terms and that you have adequate rights to use such Outputs, before relying on them. You will ensure that your Inputs and use of any Outputs does not violate the intellectual property or proprietary rights of Splunk or any third party. Splunk makes no warranties or representations, express or implied, that the Output is protectable under any law. With respect to any separately downloaded and installed AI Offering, you agree that Splunk is not responsible for any impact on your experience of any Splunk Offering with which you use the AI Offering, and that your sole remedy for any negative impact will be to discontinue use of the AI Offering.

    
    

    YOUR USE OF AN AI OFFERING IS AT YOUR OWN RISK. IT IS PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS WITHOUT WARRANTY OF ANY KIND. SPLUNK AND/OR ITS SUPPLIERS AND LICENSORS HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO AI OFFERINGS OR ANY OUTPUTS, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. SPECIFICALLY, SPLUNK MAKES NO WARRANTY THAT (I) AN AI OFFERING OR ITS OUTPUTS WILL MEET YOUR REQUIREMENTS, (II) YOUR ACCESS TO AN AI OFFERING OR ITS OUTPUTS WILL BE UNINTERRUPTED, TIMELY, SECURE OR ERROR-FREE, (III) THE QUALITY OF ANY CONTENT, PRODUCTS, SERVICES, INFORMATION OR OTHER MATERIAL OBTAINED THROUGH AN AI OFFERING WILL MEET YOUR EXPECTATIONS, AND (IV) ANY ERRORS IN THE SOFTWARE WILL BE CORRECTED. AN AI OFFERING AND OUTPUTS COULD INCLUDE TECHNICAL INACCURACIES, ERRORS, OR OMISSIONS. THE DISCLAIMERS OF WARRANTY AND LIMITATIONS OF LIABILITY APPLY, WITHOUT LIMITATION, TO ANY DAMAGES OR INJURY CAUSED BY THE FAILURE OF PERFORMANCE, ERROR, OMISSION, INTERRUPTION, DELETION, DEFECT, DELAY IN OPERATION OR TRANSMISSION, COMPUTER VIRUS, COMMUNICATION LINE FAILURE, THEFT OR DESTRUCTION OR UNAUTHORIZED ACCESS TO, ALTERATION OF OR USE OF ANY ASSET, WHETHER ARISING OUT OF BREACH OF CONTRACT, TORTIOUS BEHAVIOR, NEGLIGENCE OR ANY OTHER COURSE OF ACTION BY SPLUNK.

    
    

    As genAI systems, AI Offerings may hallucinate, provide inaccurate, incomplete or irrelevant information, generate Outputs that are harmful or that are not fit for use (including from a legal and/or business perspective). As between you and Splunk, you are responsible for evaluating the accuracy of any Output as appropriate for your use case, including by using human review of the Output.



12. INDEMNIFICATION.

    To the extent that any Customer Claim arises from your AI Service Data, the “Our Indemnification to You” subpart of Section 21 (Indemnity) of the SGT will not apply with regard to an AI Offering. By using an AI Offering, and without limiting the “Your Indemnification to Us” subpart of Section 21 (Indemnity) of the SGT (which applies to your use of an AI Offering), you agree to defend, indemnify and hold harmless Splunk, our affiliates and our personnel from and against any claims, causes of action, demands, recoveries, losses, damages, fines, penalties or other costs or expenses arising from or in connection with your use of an AI Offering in any manner inconsistent with the requirements herein. You may not settle or compromise any claim that requires any action or forbearance on Splunk’s part without first obtaining Splunk’s written consent.

13. ORDER OF PRECEDENCE.

    Despite Section 22 of the SGT (Updates to Offerings), in the event of any conflict between these Specific Terms and the SGT, these Specific Terms will control.

14. DEFINITIONS

    “Agentic AI Features” means features or functionality that are (1) designed to autonomously initiate or execute actions, configurations, or modification within your environment or other systems; and (2) identified as an Agentic AI Feature within the Splunk Offering user interface or relevant Documentation.

     

    “Assistant Documentation” means the descriptive, instructional, and other supporting documentation published by Splunk pertinent to a Specific Assistant found here: https://docs.splunk.com/Documentation.

    
    

    "AI Model" means a computational system, algorithm, or framework that has been trained on data to learn patterns, relationships, or representations and is designed to process inputs (e.g., prompts or data) and generate relevant and responsive outputs. This term encompasses the underlying architecture, parameters, and weights, and any associated algorithms necessary for its functionality. For clarity, "AI Model" expressly excludes (i) the data used to train the AI Model, (ii) specific inputs provided by a user to the AI Model, and (iii) the outputs generated by the AI Model.

    
    

    “AI Offering” means a feature, function, or add-on module of a Splunk product or service that uses artificial intelligence in processing information or producing a response to an end-user provided prompt.

    
    

    “AI Offering Documentation” means the descriptive, instructional, and other supporting documentation published by Splunk pertinent to a Specific AI Offering.

    
    

    “Context Data” means data stored in your instance of the Splunk Offering that underlies your use of the AI Offering (e.g. your Splunk Cloud environment) provided by the Splunk system to an AI Model, together with end-user provided Input that provides relevant reference data used by the AI Model to meaningfully respond to Input.

    
    

    “Input” means the raw data or content that you upload or submit to an AI Offering or that is used as input context from your Offering environment to power an AI Offering, including in-product Feedback, as further described in applicable documentation.

    
    

    “Modify” means to evolve and improve the AI Offering, including without limitation by correcting errors, resolving interoperability issues, patching security vulnerabilities, making feature modifications; improvements; and additions, and by improving services associated with the AI Offering.

    
    

    “Output” means the data or content generated by an AI Offering and displayed to the end-user as the response or final result of the end-user’s interaction with the AI Offering.

    
    

    “Policy” means the Cisco Acceptable Use Policy as set forth here: https://www.cisco.com/c/dam/en_us/about/legal/cisco-acceptable-use-policy.pdf.

    
    

    "Pre-existing Splunk Content” means any materials in which Splunk has pre-existing intellectual property ownership or rights.

    
    

    "Training and Fine-Tuning” means teaching or conditioning AI Models to learn patterns and perform specific tasks by supplying the AI Models with datasets and optimizing their relevant parameters; it includes adapting pre-trained AI Models to improve performance through methods such as adjusting relevant weights.

1. Splunk Cloud Platform or Splunk Enterprise Capacity provided free-of-charge pursuant to the Cisco Firewall Promotional Splunk Capacity offering (“Promotional Capacity”) is subject to the Splunk General Terms and the following additional terms and conditions:
   
   • In addition to your purchase of eligible Cisco products as described in the promotional materials, you must purchase and maintain at least as much paid-for Capacity of an eligible Splunk product as you receive in Promotional Capacity, and Promotional Capacity will be co-termed with your current license or subscription term for the eligible Splunk product(s), excluding any renewal periods. Splunk makes no guarantee that the Promotional Capacity will be offered at the time of renewal. Upon expiration of the free offering, if you wish to continue utilizing any previously offered Promotional Capacity, you will be required to pay for such Capacity at then-current rates.
   • Promotional Capacity is additive to your paid-for Capacity and not intended to offset or substitute any paid-for Capacity for any Splunk Offering.
   • Promotional Capacity may not be transferred from the legal entity associated with the eligible Cisco Secure Firewall licenses and cannot be combined or split between Splunk instances.
   • Promotional Capacity is provided at the same Support service level as the paid capacity, e.g. if the paid capacity has premium support, the Promotional Capacity will be delivered as premium support.
   • The Promotional Capacity does not apply for determining eligibility for OnDemand Services and Education credits (outlined here: https://www.splunk.com/en_us/customer-success/success-plans.html).
   • Promotional Capacity must be ingested via the Cisco Security Cloud App (https://splunkbase.splunk.com/app/7404). Promotional Capacity may only be used for ingesting/processing data from qualifying Firewall licenses.
2. Splunk reserves the right to reduce or immediately terminate any Promotional Capacity if you fail to maintain any eligibility criterion during the course of the promotional period, including but not limited to
   
   • You fail to maintain an eligible Cisco Secure Firewall Threat Defense license subscription and applicable Cisco Support contract for each such license;
   • You reduce your paid Capacity of eligible Splunk products;
   • Your underlying contract with Splunk is terminated;
   • You deactivate threat data sharing or other required telemetry.

Prior Versions of SPLUNK TERMS FOR OFFERINGS AND HOSTED SERVICES

• Published June 2025
• Published February 2025
• Published January 2025
• Published October 2024
• Published September 2024