Release notes for the Splunk Add-on for AWS
Version 5.0.2 of the Splunk Add-on for Amazon Web Services was released on August 22, 2020.
Version 5.0.2 of the Splunk Add-on for Amazon Web Services is compatible with the following software, CIM versions, and platforms:
|Splunk platform versions||8.0 and later|
|CIM||4.3 and later|
|Supported OS for data collection||Platform independent|
|Vendor products||Amazon Web Services CloudTrail, CloudWatch, CloudWatch Logs, Config, Config Rules, Inspector, Kinesis, S3, VPC Flow Logs, Billing services, SQS, and SNS.|
Versions 5.0.0 and above of the Splunk Add-on for AWS are Python 3 releases, and only compatible with Splunk platform versions 8.0.0 and later. To use version 5.0.0 or later of this add-on, upgrade your Splunk platform deployment to version 8.0.0 or later. For users of Splunk platforms 6.x.x and Splunk 7.x.x, the Splunk Add-on for Amazon Web Services version 4.6.1 is supported. Do not upgrade to Splunk Add-on for AWS 5.0.0 or above on these versions of the Splunk platform.
Version 5.0.2 of the Splunk Add-on for AWS version contains the following new and changed features:
- Increased Network Traffic CIM data model compatibility.
- Increased Change CIM data model compatibility.
- Improved support for the Splunk Enterprise Security Assets and Identities Framework Interface
Version 5.0.2 of the Splunk Add-on for Amazon Web Services fixes the following issues.
|Date resolved||Issue number||Description|
|2020-08-24||ADDON-26632||Update cloudfront_web and cloudfront_rtmp regex to account for ipv6 addresses|
|2020-08-24||ADDON-26878||Installing AWS TA on Enterprise Security SH breaks Suppression Auditing: stanzas For aws:resthandler:log and aws:util:log are too generic|
|2020-07-13||ADDON-22785||AWS calls increase when using aws:description|
|2020-07-13||ADDON-26599||Support for newer formatted cloudwatch ELB metrics, exception handling for logs which don't have all log field populated|
Version 5.0.2 of the Splunk Add-on for Amazon Web Services has the following known issues.
The Splunk Add-on for AWS version 5.x.x is incompatible with Splunk Enterprise versions 7.x.x and earlier.
Third-party software attributions
Version 5.0.2 of the Splunk Add-on for Amazon Web Services incorporates the following third-party libraries.
Saved searches for the Splunk Add-on for AWS
Release history for the Splunk Add-on for AWS
This documentation applies to the following versions of Splunk® Supported Add-ons: released