Release notes for the Splunk Add-on for Unix and Linux

Version 9.0.0 of the Splunk Add-on for Unix and Linux was released on October 28, 2023.

Compatibility

Version 9.0.0 of the Splunk Add-on for Unix and Linux is compatible with the following software, CIM versions, and platforms:

See the Scripted input reference for the Splunk Add-on for Unix and Linux page in the Reference chapter of this manual to learn more about scripted inputs and their operating system compatibility.

The field alias functionality is compatible with the current version of this add-on. The current version of this add-on does not support older field alias configurations.

For more information about the field alias configuration change, refer to the Splunk Enterprise Release Notes.

New features

Version 9.0.0 of the Splunk Add-on for Unix and Linux has the following new features:

• Support for a new linux OS, SUSE Linux Enterprise Server version 15SP5.

Bug fixes

• Fixed extraction of src_ip field for linux_secure source_type.
• Fixed breaking of field values, column values have whitespace for userswithloginprivs sourcetype.
• Fixed issue where the user was getting redirected to the add-on setup page while editing Knowledge Objects on the Splunk Cloud Platform. Users will now be able to edit the Knowledge Objects on the Splunk Cloud Platform after selecting Click me! on the add-on setup page.
• Fixed column truncating issue for lsof and openPortsEnhanced scripted input by adding "+c 0" in lsof command.

Fixed issues

Version 9.0.0 of the Splunk Add-on for Unix and Linux has the following known issues. If no issues appear here, no issues have yet been reported:

Known issues

Version 9.0.0 of the Splunk Add-on for Unix and Linux has the following known issues. If no issues appear here, no issues have yet been reported:

Third-party software attributions

The Splunk Add-on for Unix and Linux does not use third-party software or libraries.