Splunk® Supported Add-ons

Splunk Add-on for VMware

Release history for Splunk Add-on for VMware

These features apply to Splunk Add-on for VMware version 4.1.0, the latest release of the Splunk Add-on for VMware. For compatibility information, see Installation and configuration overview for the Splunk Add-on for VMware in the Splunk Add-on for VMware manual.

New feature or enhancement Description
Python 3.9 support Updated the code to make it compatible with Python 3.9 and removed the legacy code related to Python 2.7 support.
Added HSTS header for Hydra communication. Added the HSTS header to prevent HTTP connection over Hydra gateway.

Version 4.0.6

New feature or enhancement Description
Compliance with Splunk advisory The application has been updated to match the changes in Splunk as described in Unauthenticated Log Injection in Splunk Enterprise. Update the Splunk version based on the advisory to leverage these changes.

Version 4.0.5

New feature or enhancement Description
Added support for encrypted SSL certificates and updated Axios library to v1.4.0
  • Added support for Encrypted SSL certificates on Splunk version 8.2.x and 9.0.x.
  • Upgraded Axios library version to 1.4.0 to fix vulnerabilities related to Inefficient Regular Expression Complexity and Server-Side Request Forgery (SSRF).

Version 4.0.4

These features apply to Splunk Add-on for VMware version 4.0.4. For compatibility information, see Installation and configuration overview for the Splunk Add-on for VMware in the Splunk Add-on.

New feature or enhancement Description
Some minor bug fixes Updated key for syslog stanza
Added triggers stanza for custom configuration files To avoid unnecessary restarts of the Splunk platform, updated app.conf file with a [triggers] stanza and a reload setting for custom configuration file

Version 4.0.3

These features apply to Splunk Add-on for VMware version 4.0.3. For compatibility information, see Installation and configuration overview for the Splunk Add-on for VMware in the Splunk Add-on.

Self-Service Installation Compatibility

The Splunk Add-on for VMware is now available for self-service installation in cloud environments. The following packages have been removed from the add-on package and published as individual Splunkbase add-ons to support self-service installation in cloud environments:

Package Splunkbase Add-on Version
SA-VMWIndex Splunk Add-on for VMware Indexes 4.0.3
TA-VMW-FieldExtractions Splunk Add-on for VMware Extractions 4.0.3
Splunk_TA_esxilogs Splunk Add-on for VMware ESXi Logs 4.2.1
Splunk_TA_vcenter Splunk Add-on for vCenter Logs 4.2.1

jQuery 3.5 Compatibility

The Splunk Add-on for VMware is now updated to use jQuery v3.5.0. The add-on uses jQuery v3.5 in the Splunk version 8.2 or later. This makes the add-on more secure by fixing known cross-site scripting (XSS) related vulnerabilities as well as vulnerabilities created by object prototype pollution.

Version 4.0.2

This version of the Splunk Add-on for VMware doesn't contain biased terms such as master, slave, blacklist, and whitelist have been replaced with appropriate non-biased terms. The occurrences of biased terms that are Splunk platform references or present in the third-party library have not been removed. The following table contains the parameters from the ta_vmware_collection.conf file present in the Splunk_TA_vmware package that has been renamed to remove biased language:

Parameter name in Splunk Add-on for VMware version 4.0.1 Parameter name in Splunk Add-on for VMware version 4.0.2
managed_host_whitelist managed_host_includelist
managed_host_blacklist managed_host_excludelist
vm_metric_whitelist vm_metric_allowlist
vm_metric_blacklist vm_metric_denylist
host_metric_whitelist host_metric_allowlist
host_metric_blacklist host_metric_denylist
cluster_metric_whitelist cluster_metric_allowlist
cluster_metric_blacklist cluster_metric_denylist
rp_metric_whitelist rp_metric_allowlist
rp_metric_blacklist rp_metric_denylist
vm_instance_whitelist vm_instance_allowlist
vm_instance_blacklist vm_instance_denylist
host_instance_whitelist host_instance_allowlist
host_instance_blacklist host_instance_denylist
cluster_instance_whitelist cluster_instance_allowlist
cluster_instance_blacklist cluster_instance_denylist
rp_instance_whitelist rp_instance_allowlist
rp_instance_blacklist rp_instance_denylist
perf_entity_blacklist perf_entity_denylist
  • In the vCenter configuration, you'll see inputs for "Host Includelist Regex" and "Host Excludelist Regex" instead of "Host Whitelist Regex" and "Host Blacklist Regex", to allow or block the performance data collection of certain hosts present in the vCenter server.
  • In the Data Collection Preference, you'll see inputs for "Metric Allowlist" and "Metric Denylist" instead of "Metric Whitelist" and "Metric Blacklist", to allow or block the data collection of specific metrics.
Last modified on 05 September, 2024
Release notes for Splunk Add-on for VMware   Hardware and software requirements for the Splunk Add-on for VMware

This documentation applies to the following versions of Splunk® Supported Add-ons: released

Acrobat logo Download manual
Acrobat logo Download this page

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters