Splunk® Supported Add-ons

Splunk Add-on for Microsoft Cloud Services

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

Release notes for the Splunk Add-on for Microsoft Cloud Services

Version 5.1.0 of the Splunk Add-on for Microsoft Cloud Services was released on May 2, 2023.

Please also check the release notes for Splunk Add-on for Microsoft Cloud Services v5.0.0 before upgrading to the latest version as breaking changes were introduced in the Storage Blob input.

Compatibility

Version 5.1.0 of the Splunk Add-on for Microsoft Cloud Services is compatible with the following software, CIM versions, and platforms:

Splunk platform versions 8.1.x, 8.2.x, 9.0.x
CIM version 5.1.0
Supported OS for data collection Platform independent
Vendor products Azure Active Directory, Azure Event Hubs, Azure Storage Table, Azure Storage Blob, Azure Audit, Azure Resource Group, and other cloud services.

New Features

Version 5.1.0 of the Splunk Add-on for Microsoft Cloud Services has the following new features:

  • The following inputs were migrated from Splunk Add on for Microsoft Azure to Splunk Add-on for Microsoft Cloud Services. If these inputs are configured in Splunk Add-on for Microsoft Cloud Services, then they will be treated as new inputs. It is recommended to disable those inputs in the Splunk Add-on for Microsoft Azure:
    • Introduced the Azure Metrics input
    • Introduced the Azure KQL Log Analytics input
    • Introduced the Azure Consumption(Billing) input
    • Introduced new Resource Types (Disk Data, Image Data, Snapshot Data, Resource Groups, Security Groups and Subscriptions) in the Azure Resource input
  • Security related issue have been fixed
  • Introduced the Read Timeout parameter to the Storage Blob input, which can be used to resolve the data ingestion stuck issue. See the Storage Blob input configuration manual for more information.
  • Added UI support to the Blob Mode parameter.




Provided CIM 5.1.0 support for the following:

Sourcetype Category
mscs:resource:securityGroup Azure Resource
mscs:resource:disk Azure Resource
mscs:resource:image Azure Resource
mscs:resource:snapshot Azure Resource
mscs:resource:subscriptions Azure Resource
mscs:resource:resourceGroup Azure Resource

Fixed issues

Version 5.1.0 of the Splunk Add-on for Microsoft Cloud Services fixes the following issues. If no issue appear, then there are no bug fixes reported:


Known issues

Version 5.1.0 of the Splunk Add-on for Microsoft Cloud Services contains the following new known issues. If no issues appear, no issues have yet been reported:


Date filed Issue number Description
2021-08-19 ADDON-40841 MacOS not supported for MSCS add-on



Workaround:
None. Splunk add-on for Microsoft CloudServices is not supported on all MacOS versions.

Third-party software attributions

Version 5.1.0 of the Splunk Add-on for Microsoft Cloud Services incorporates the following third-party software or libraries.

Third-party software attributions for the Splunk Add-on for Microsoft Cloud Services

Last modified on 25 May, 2023
PREVIOUS
Source types for the Splunk Add-on for Microsoft Cloud Services
  NEXT
Release history for the Splunk Add-on for Microsoft Cloud Services

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters