Splunk® Supported Add-ons

Splunk Add-on for VMware ESXi Logs

Release notes for the Splunk Add-on for VMware ESXi Logs

Version 4.2.1 of the SplunkAdd-on for VMware ESXi Logs was released on June 28, 2021. This is the first release of SplunkAdd-on for VMware ESXi Logs.

The package included in Splunk Add-on for VMware ESXi logs (Splunk_TA_esxilogs) was previously part of Splunk Add-on for VMware Metrics in v4.2.0 or previous and the Splunk Add-on for VMware in v4.0.2 or previous. This package is being released as an individual Splunkbase add-on to add support for self-service installation for the Splunk Add-on for VMware Metrics and the Splunk Add-on for VMware v4.0.3 in cloud environments.

What's new

These features are available in the Splunk Add-on for VMware ESXi logs v4.2.1. For compatibility information, go to the Data collection planning and requirements.

New feature or enhancement Description
Ingestion and Parsing of VMware ESXi log data The package contains the search-time and index-time extractions to parse and extract fields from the VMware ESXi logs forwarded using syslog.
Support for self-service installation in cloud environments Customers of the Splunk Add-on for VMware Metrics or Splunk Add-on for VMware in a cloud environment can install this package by following the cloud installation steps.


As the add-on package was previously part of the Splunk Add-on for VMware Metrics v4.2.0 or below and Splunk Add-on for VMware v4.0.2 or below, existing customers of Splunk Add-on for VMware Metrics have to follow the upgrade steps for the Splunk Add-on for VMware Metrics to switch to the version of the add-on that supports self-service installation. Existing customers of Splunk Add-on for VMware have to follow the upgrade steps for the Splunk Add-on for VMware to switch to the version of the add-on that supports the self-service installation.

Fixed issues

This version of the Splunk Add-on for VMware ESXi Logs has the following reported fixed issues. If no issues appear below, no issues have yet been reported.

Known issues

This version of the Splunk Add-on for VMware ESXi Logs has the following reported known issues and workarounds. If no issues appear below, no issues have yet been reported.


Date filed Issue number Description
2021-08-05 VMW-6236 Incorrect value for Cluster performance metrics due to aggregation mechanism on vCenter side.
2020-09-30 VMW-5802 No data collection occurs when the DCN is configured with more than 8 worker processes on Splunk version 8.x.
2020-06-22 VMW-5473 After upgrade to Splunk add on for VMware Metrics 4.x vCenter/DCN configuration showing wrong "last connected time"
2020-06-01 VMW-5425 There's an invalid key error on Splunk version 7.x because Splunk Add-on for VMware Metrics uses the Python 3 interpreter by default.
2019-10-15 VMW-5274 For inventory data, the changeset field value is null.
2019-08-22 VMW-5188 There can be irregular collection intervals and negative values for performance metrics.
2019-06-12 VMW-5127 There can be duplicate performance metrics data.
2019-06-06 VMW-5118 The Cluster performance value is incorrect for metrics due to the aggregation mechanism on the vCenter side.
Last modified on 31 August, 2023
About the Splunk Add-on for VMware ESXi Logs   Release history for the Splunk Add-on for VMware ESXi Logs

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters