SPECIFIC TERMS FOR SPLUNK OFFERINGS

Secure Gateway app facilitates communication between mobile devices and Splunk instances with an end-to-end encrypted free cloud service called Spacebridge. Spacebridge cloud service environment, and the service itself, is separate from the Splunk Enterprise and Splunk Cloud offering. Spacebridge is a free Hosted Service and use is subject to Splunk General Terms available at: https://www.splunk.com/en_us/legal/splunk-general-terms.html. See here to learn more about the Spacebridge offering. Learn more

You may not transmit regulated data, including PHI data of PCI data, to Spacebridge unless you are using Spacebridge with a managed Splunk Cloud deployment and have specifically purchased the applicable regulated environment for that managed Splunk Cloud deployment. Spacebridge does not leverage the FIPS 140-2 validated Splunk Cryptographic Module and may not be used in environments that require this standard.

You must agree to use Spacebridge to use Splunk Secure Gateway. If you want to permanently disable the use of Spacebridge, you must disable Splunk Secure Gateway. Disable Splunk Secure Gateway in Apps > Manage Apps. If you’re using a managed Splunk Cloud deployment, file a support ticket to disable Splunk Secure Gateway.

1. Service Description
   https://docs.splunk.com/Documentation/SIM/current/User/Intelligenceoverview
2. Security
   Customer hereby acknowledges and agrees that Splunk Intelligence Management no longer has SOC2 attestation as audited by an independent third party. 

1. Service Description
   https://docs.splunk.com/Documentation/SAPSecurity
2. General Availability
   License to use Splunk Security for SAP solutions is subject to general availability. In the event this Purchased Offering is no longer generally available, Splunk may terminate the Purchased Offering and refund to you any prepaid fees covering the unexpired Term.
3. Monitored Users
   A “Monitored User” cannot be assigned to more than one (1) individual. However, a Monitored User assignment may be transferred from one (1) individual to another, but only if the individual to which the Monitored User was assigned is:
   • is on vacation;
   • is absent due to sickness;
   • has their employment terminated;
   • is moved into a new job function which no longer requires them to use Splunk
   • Security for SAP solutions; or
   • is subject to a condition that is otherwise agreed by Splunk.
4. Additional License Restrictions
   SAP software bundled in the Splunk Security for SAP solution (“SAP Software”) can only be used with the Splunk Security for SAP solution for the duration of the subscription term of the license to Splunk Security for SAP solutions. The SAP Software may only be used with Splunk Security for SAP solutions to enable its performance, with data access limited to data created or processed by Splunk Security for SAP solutions. The Splunk Security for SAP solution may only be used with Splunk Enterprise and/or Splunk Cloud Platform.
5. Restricted Activity
   You may not distribute or publish keycodes or otherwise endanger the security or operation of Splunk Security for SAP solutions, including the SAP Software, or other materials provided in connection therewith.
   
   Notwithstanding the General Terms, You do not have the right to make additional copies of Splunk Security for SAP solutions for archival and back-up purposes.
   
   SAP Software and related material is Confidential Information. With respect to your use of Splunk Security for SAP solutions, you agree not disclose or reveal any such Confidential Information to any person other than your Affiliates, employees, contractors, legal representatives, accountants, or other professional advisors whose access is necessary to enable you to exercise your rights or perform your obligations under the General Terms and who are under obligations of confidentiality substantially similar to those in the General Terms, including these Specific Terms for Splunk Offerings.
6. Your responsibilities
   You are responsible for (i) setting up, installing, configuring and managing the Splunk for SAP solution on any SAP software, and (ii) obtaining internet connectivity. Splunk will not be responsible for loss due to your failure to comply with your responsibilities in this section or for activities that take place in your SAP environment (which shall be governed by your applicable agreement with SAP).
7. Not for Resale and Evaluation Licenses
   If Splunk makes available the Splunk Security for SAP solution pursuant to Section 1.D of the General Terms, the Splunk Security for SAP solution must not be used in production and must be destroyed or deleted when the license terminates. Licenses to Splunk Security for SAP solutions made available under Section 1.D of the General Terms may be terminated at any time upon written notice from Splunk.
8. SAP Open Source
   Applicable specific conditions related to certain open source products made available in SAP Software are part of the applicable product documentation and apply to your use of any such open source products. The SAP Software open source components and their related licenses are documented at https://docs.splunk.com/Documentation/SAPSecAddOn/1.0.0/User/Credits.
9. SAP Software License Specific Terms
   Splunk Security for SAP solutions includes SAP Enterprise Threat Detection - OEM and SAP HANA, RTed Appl&BW-new/subsq partial (“SAP Products”). Subject to the license restrictions under the General Terms, including these Specific Terms for Splunk Offerings, SAP products come with additional software usage rights. Such rights can be found in the SAP Software Usage Rights available at https://assets.cdn.sap.com/agreements/oem-agreements/sur/sap-partneredge-build-formerly-oem-software-use-rights-english-v7-2022.pdf. Exercise of any of such additional rights shall be subject to the SAP Software Usage Rights.

1. Service Level Schedule
   The Service Level Schedule for the Splunk Attack Analyzer, set forth at https://www.splunk.com/en_us/legal/attack-analyzer-service-level-schedule.html, will apply to service availability of the Splunk Attack Analyzer Hosted Service. Customer will be entitled to service credits for downtime in accordance with the Service Level Schedule.
2. Security of Customer Content
   Splunk maintains administrative, physical and technical safeguards to protect the security of Customer Content on Splunk Attack Analyzer as set forth in the Splunk Attack Analyzer Security Addendum located at https://www.splunk.com/en_us/legal/splunk-attack-analyzer-security-addendum.html (“SAA Security Addendum”).
   
   Customer acknowledges and agrees that Splunk Attack Analyzer has not yet undergone a security audit by an independent third party and therefore does not have SOC2 or ISO27001 certification. 
3. Use of Customer Content
   The operation and functionality of Splunk Attack Analyzer depends on the continuous improvement of detection capabilities through the application of threat intelligence information that is derived from the data our customers submit to the Splunk Attack Analyzer service. Accordingly, Customer agrees that Splunk may use Customer Content submitted to Splunk Attack Analyzer for purposes of analyzing threat trends, enhancing detection capabilities, and otherwise testing, improving and operating Splunk’s products and services, provided that Customer Content will not be disclosed to any third party except in aggregated format and in a manner that does not identify Customer as the source of the Customer Content and could not otherwise be attributable to Customer or any individual.

1. If you access or use any Hosted Services in the specially isolated Amazon Web Services (“AWS”) GovCloud (US) region that are provisioned in a FedRAMP or StateRAMP authorized environment (“Government Cloud”), you acknowledge the Government Cloud is a more restricted environment.
2. Customer acknowledges that FedRAMP or StateRAMP authorized offerings will only meet the standards of an authorized FedRAMP or StateRAMP Hosted Service, respectively, if Customer performs its obligations as set forth in both the “FedRAMP Low or Moderate Control Implementation Summary (CIS) Worksheet” and the “FedRAMP Low or Moderate Customer Responsibility Matrix (CRM) Worksheet” available from Splunk upon request. To maintain the security of the FedRAMP or StateRAMP authorized offerings, Customer agrees to cooperate with Splunk to remediate any security vulnerabilities upon Splunk’s request.

1. Terms

   Your use of the Splunk® AI Assistant for SPL (“Assistant”) is governed by the Splunk General Terms (“SGT”) and these Specific Terms for Splunk Offerings (“Specific Terms,” and the SGT and Specific Terms, “Terms”). By using the Assistant, you agree to be bound by Terms for the Assistant offering. Unless otherwise noted, the Assistant is a Splunk Extension under the SGT and it is not a “Purchased Offering” or “Hosted Service.” If you are entering into these Terms on behalf of Customer, you represent that you have the authority to bind Customer. If you do not agree to the Terms, or do not have the authority to bind Customer, do not use the Assistant. For clarity, these Specific Terms hereby incorporate the SGT terms by reference. Use of the Assistant is subject to Splunk research and development as outlined in Section 6 below unless you opt out.

2. Service Description

   The Assistant is a cloud-powered application and available for use only with Splunk Cloud Platform and is not available for use with GovCloud environments. The Splunk Assistant uses generative artificial intelligence ("genAI"). For purposes of Section 3 of the SGT only (“Your Contractors and Third-party Providers”), the Assistant will be deemed a Purchased Offering.
   
   

   The Assistant service description can be found here. License entitlements to the Assistant, Term, service limitations, and compatibility requirements can be found in the Assistant service description.

3. Inputs

   For the Assistant, and as between you and Splunk, any text, instructions, content, information or other materials you input into, or is used as input context from your Offering environment, by the Assistant (“Inputs”) are owned by you. You hereby grant Splunk a worldwide, royalty free, non-exclusive, sublicensable (through multiple tiers), worldwide, fully paid up, license to access and use the Inputs for purposes of providing you the Assistant service and as otherwise permitted by these Terms. For each Input, you represent and warrant that you have all rights necessary for you to grant the licenses granted in these Terms, and that such Input, and your provision thereof to and through the Assistant, comply with all applicable laws, rules and regulations, and these Terms.
   
   

   Inputs are not considered Customer Content for purposes of the SGT.

4. Outputs

   For the Assistant, and as between you and Splunk, outputs generated by the Assistant based on your Inputs (“Outputs”), but excluding Pre-existing Splunk Content, are owned by you. For materials Splunk has pre-existing ownership or rights in (“Pre-existing Splunk Content”), you will have the right to access and use the Pre-existing Splunk Content in connection with your applicable Purchased Offerings, and those rights will be of the same scope and duration as your rights to the underlying Purchased Offering.
   
   

   You hereby grant Splunk a worldwide, royalty free, non-exclusive, sublicensable (through multiple tiers), worldwide, fully paid up, license to access and use the the Outputs for purposes of providing you the Assistant service and as otherwise permitted by these Terms.
   
   

   Outputs may not be unique and other users of the Assistant may generate the same or similar output. Responses that are requested by and generated for other users are not considered owned by you. As a genAI system, the Assistant may hallucinate, provide inaccurate, incomplete or irrelevant information, generate Outputs that are harmful or that are not fit for use (including from a legal and/or business perspective).
   
   

   Outputs are not considered Customer Content for purposes of the SGT.

5. Improvements

   Any changes, modifications, improvements and updates made to the Assistant (“Updates”), whether or not supplied by or developed by Splunk, are the sole and exclusive property of Splunk and its licensors. You acquire no rights in any Updates and you hereby assign all worldwide right, title and interest you may have in any Updates to Splunk, subject to the extent such Updates are expressly licensed to you as part of your use of the Assistant under these Terms.

6. Data Collection and Consent to Splunk’s Research and Development

   When you interact with the Splunk Assistant, Splunk will use your Inputs, including context data collected as part of the service as outlined in Documentation, Outputs and in-product feedback you give (“AI Service Data”) to develop and improve Assistant, including for Splunk’s research and development which may include training our models. If you do not want AI Service Data used for these purposes, you may toggle this collection off in the user interface settings. By using the Assistant and not toggling off the collection of AI Service Data, you agree to the collection and use of AI Service Data for the purposes stated in these Terms and acknowledge that some AI Service Data could be generated by the Assistant in the future and you consent to the disclosure and use thereof. You also hereby grant Splunk a perpetual, irrevocable, worldwide, royalty free, non-exclusive, transferrable, sublicensable (through multiple tiers), fully paid-up license to use, offer for sale, sell, copy, distribute, perform, display (whether publicly or otherwise), modify, adapt, publish, transmit, commercialize, use as or to develop Updates, create derivative works of, and use as training data for genAI tools the AI Service Data in any form, medium or technology now known or later developed, and to grant to others rights to do any of the foregoing.
   
   

   Except for AI Service Data collected for research and development, Inputs and Outputs used to power the Assistant may be removed from the Assistant in accordance with Documentation. Section 4 of the SGT, subsection entitled “Your Responsibility for Data Protection” and Section 15 of the SGT, subsection entitled “Third Party Content” shall apply to AI Service Data as if AI Service Data was “Customer Content” for the purpose of these Specific Terms.

7. Support

   For information about the support provided for the Assistant, please see https://www.splunk.com/en_us/customer-success/support-programs.html.

8. Restrictions and Indemnity

   You must comply with the Hosted Services acceptable use policy per Section 16 of the SGT as if the Assistant was a Hosted Service. Additionally, you may not use the Assistant to develop machine learning models, related technology, or to create any competing products or services. The Assistant may not be used for medical, legal, financial, or other professional advice or hazardous use cases. Any Outputs regarding those topics should not be relied upon. You must not use the Assistant to harvest or collect personally identifiable information or personal information or personal data. You must not use any Output relating to a person for any purpose that could have a legal or material impact on that person, such as making credit, educational, employment, housing, insurance, legal, medical, or other important decisions about them. You must not represent that an Output was human-generated when it was not, provide access to third parties not authorized under these Terms or use the Assistant for any purpose not intended by Splunk (as described in these Terms).
   
   

   The “Our Indemnification to You” subpart of Section 23 (Indemnity) of the SGT will not apply with regard to the Assistant. By using the Assistant, and without limiting the “Your Indemnification to Us” subpart of Section 23 (Indemnity) of the SGT, you agree to defend, indemnify and hold harmless Splunk from and against any claims, causes of action, demands, recoveries, losses, damages, fines, penalties or other costs or expenses arising from or in connection with your use of the Assistant, including arising from or in connection with AI Service Data.

9. Disclaimer of Warranties

   Splunk does not offer any representation or warranties, express or implied, that Outputs are accurate or free from error or bias. You should independently evaluate, through human review, the Outputs, including to make sure that such Outputs are accurate, lawful, and otherwise appropriate and permissible under these Terms and that you have adequate rights to use such Outputs, before relying on them. You shall ensure that your Inputs and use of any Output does not violate the intellectual property or proprietary rights of Splunk or any third party. You also acknowledge and agree that any Outputs may not be protectable under copyright or other intellectual property, proprietary rights, or other law. Splunk makes no warranties or representations, express or implied, that the Output is protectable under any law. You agree that Splunk is not responsible for any impact on your experience of a Hosted Service, as a result of your installation and/or use of the Assistant, and that your sole remedy will be to remove the Assistant from the applicable Hosted Service.
   
   

   YOUR USE OF SPLUNK ASSISTANT IS AT YOUR OWN RISK. IT IS PROVIDED ON AN "AS IS" AND "AS AVAILABLE" BASIS WITHOUT WARRANTY OF ANY KIND. SPLUNK AND/OR ITS SUPPLIERS AND LICENSORS HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO THE SPLUNK ASSISTANT OR ANY OUTPUTS, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. SPECIFICALLY, SPLUNK MAKES NO WARRANTY THAT (I) THE SPLUNK ASSISTANT OR ITS OUTPUTS WILL MEET YOUR REQUIREMENTS, (II) YOUR ACCESS TO SPLUNK ASSISTANT OR ITS OUTPUTS WILL BE UNINTERRUPTED, TIMELY, SECURE OR ERROR-FREE, (III) THE QUALITY OF ANY CONTENT, PRODUCTS, SERVICES, INFORMATION OR OTHER MATERIAL OBTAINED THROUGH THE SPLUNK ASSISTANT WILL MEET YOUR EXPECTATIONS, AND (IV) ANY ERRORS IN THE SOFTWARE WILL BE CORRECTED. THE SPLUNK ASSISTANT AND OUTPUTS COULD INCLUDE TECHNICAL INACCURACIES, ERRORS, OR OMISSIONS. THE DISCLAIMERS OF WARRANTY AND LIMITATIONS OF LIABILITY APPLY, WITHOUT LIMITATION, TO ANY DAMAGES OR INJURY CAUSED BY THE FAILURE OF PERFORMANCE, ERROR, OMISSION, INTERRUPTION, DELETION, DEFECT, DELAY IN OPERATION OR TRANSMISSION, COMPUTER VIRUS, COMMUNICATION LINE FAILURE, THEFT OR DESTRUCTION OR UNAUTHORIZED ACCESS TO, ALTERATION OF OR USE OF ANY ASSET, WHETHER ARISING OUT OF BREACH OF CONTRACT, TORTIOUS BEHAVIOR, NEGLIGENCE OR ANY OTHER COURSE OF ACTION BY SPLUNK.

10.  Limitation of Liability
    

    The Assistant shall be deemed a “Purchased Offering” under Section 22 of the SGT (“Limitation of Liability”).

11.  Termination

    The term of these Terms will commence on the date you gain access to the Assistant and will run for the duration of term of the underlying Purchased Offering, unless terminated earlier. Splunk may terminate the Terms at its convenience upon 30 days written notice to you. You may terminate these terms at any time by uninstalling the Assistant and ceasing use. In the event Splunk, in its sole discretion, believes your use of the Assistant may be in breach of these terms or could result in a potential harm, Splunk may immediately suspend your use of the Assistant.

12.  Order of Precedence

    Notwithstanding Section 24 of the SGT (Updates to Offerings), in the event of any conflict between these Specific Terms and the SGT, these Specific Terms will control.

Prior Versions of SPLUNK TERMS FOR OFFERINGS AND HOSTED SERVICES ENVIRONMENTS

• Published March 2024
• Published February 2024
• Published January 2024
• Published October 2023
• Published August 2023