Release notes for the Splunk Add-on for AWS
Version 4.6.0 of the Splunk Add-on for Amazon Web Services was released on October 3, 2018.
Version 4.6.0 of the Splunk Add-on for Amazon Web Services is compatible with the following software, CIM versions, and platforms:
|Splunk platform versions||6.5 and later|
|CIM||4.3 and later|
|Supported OS for data collection||Platform independent|
|Vendor products||Amazon Web Services CloudTrail, CloudWatch, CloudWatch Logs, Config, Config Rules, Inspector, Kinesis, S3, VPC Flow Logs, Billing services, SQS, and SNS.|
Version 4.6.0 of the Splunk Add-on for AWS version contains the following new and changed features:
- CloudWatch Metrics input to enable discovery of new entities without Splunk restart
- Metrics store support (requires a Splunk forwarder version 7.2.0 or above.)
- Ability to detect configuration of SSL on management port
- Line/event breaking enforcement for ELB/S3 Access Logs
- Support for Splunk Enterprise 7.2.0
Version 4.6.0 of the Splunk Add-on for Amazon Web Services fixes the following issues.
|Date resolved||Issue number||Description|
|2018-08-27||ADDON-18031||Small page size causing LimitExceededException error during Kinesis ListStreams operations|
|2018-07-17||ADDON-18087, SII-1746||Invalid AWS credentials can be added and interacted with as valid AWS credentials|
|2018-06-27||ADDON-17277||Line/event breaking enforcement for ELB/S3 Access Logs|
Version 4.6.0 of the Splunk Add-on for Amazon Web Services has the following known issues.
|Date filed||Issue number||Description|
|2018-08-23||ADDON-19179||UI shows error message when a CloudWatch mod input has dimensions with different query_window_size|
|2018-08-16||ADDON-19138||Splunk 7.1 and below outputs 'Invalid key in stanza' warning on startup about INGEST_EVAL, METRIC-SCHEMA-MEASURES, and METRIC-SCHEMA-TRANSFORMS|
|2018-03-28||ADDON-17571||AWS TA and *nix TA lack spec files for eventgen.conf, which causes cluster bundle validation errors, and breaks Manage Indexes page in clustered Splunk Cloud|
Splunk Cloud customers who cannot create indexes on their own due to this bug should file a support case when they need new indexes created.
|2018-02-19||ADDON-17158||The style of multi-input text box is not correct|
|2018-02-19||ADDON-17157||The header view of customized page is inconsistent with the default NightLight style|
|2018-02-13||ADDON-17132||Create/edit input page layout is broken|
|2018-02-13||ADDON-17135||Placeholder tooltip is missing for dropdown|
|2018-01-05||ADDON-16518||When kinesis and cloudwatch inputs send large volumes of data over HEC, HEC can block the ingest pipeline, which breaks non-HEC inputs.|
Set use_hec=false in [global_settings] stanza of aws_kinesis.conf and/or aws_cloudwatch.conf
|2017-09-03||ADDON-15718||Duplicate cloudfront data in description when there are more than 1 regions|
|2017-08-22||ADDON-15603||Users can delete an account in use.|
|2017-03-29||ADDON-14287||After you replace an IAM role attached to an EC2 instance, the inputs that use the old IAM role stop collecting data.|
|2016-12-22||ADDON-12867, ADDON-11894||S3 input: large key numbers lead to excessively large checkpoint files|
Third-party software attributions
Version 4.6.0 of the Splunk Add-on for Amazon Web Services incorporates the following third-party libraries.
Source types for the Splunk Add-on for AWS
Release history for the Splunk Add-on for AWS
This documentation applies to the following versions of Splunk® Supported Add-ons: released