Release notes for the Splunk Add-on for Microsoft Cloud Services
Version 3.1.0 of the Splunk Add-on for Microsoft Cloud Services was released on April 8, 2019.
Version 3.1.0 of the Splunk Add-on for Microsoft Cloud Services is compatible with the following software, CIM versions, and platforms.
|Splunk platform versions||6.6,x, 7.0.x, 7.1.x, 7.2.x, 7.3.x|
|Supported OS for data collection||Platform independent|
|Vendor Products||Azure Active Directory, Azure Storage Table, Azure Storage Blob, Azure Audit, and other cloud services|
The following migration guide is supported for upgrading from version 3.0.0 to version 3.1.0. Upgrading from any version older than 3.0.0 requires a fresh installation of version 3.0.0.
A best practice for upgrading the Splunk Add-on for Microsoft Cloud Services is to remove your older version before re-installing version 3.0.0 of the Splunk Add-on for Microsoft Cloud Services.
- Disable all your inputs before you upgrade the add-on. Otherwise you may see errors in the log files which may results data loss against your already configured inputs.
- Install the Splunk Add-on for Microsoft Cloud Services version 3.1.0 from the Splunk Web UI (make sure Upgrade App checkbox is selected).
- Restart the Splunk platform.
- Navigate to the input page of the Splunk Add-on for Microsoft Cloud Service. Alerts will appear, indicating incomplete account authorization.
- Edit each required input by clicking the click here link to navigate to the account configuration page or by directly navigating to the account configuration page.
- Complete the authorization of your account by adding your account secret key/account token.
- Repeat above steps for all inputs which have alert sign against them.
- Enable each desired input to start data collection.
In previous versions, settings including proxy, logging, and performance were stored in
splunk_ta_o365_server_setting.conf. In version 3.0.0 and above of the Splunk Add-on for Microsoft Cloud Services, all setting and performance tuning configurations are in
splunk_ta_mscs_setting.conf. The default log level is
Versions 3.0.0 and above of the Splunk Add-on for Microsoft Cloud Services removes the Microsoft 0ffice 365 module. See the Splunk Add-on for Microsoft 0ffice 365.
Version 3.1.0 of the Splunk Add-on for Microsoft Cloud Services has the following new features:
- Credential validation of Account Name and Account secret key on Account configuration page.
Version 3.1.0 of the Splunk Add-on for Microsoft Cloud Services fixes the following issues:
|Date resolved||Issue number||Description|
|2019-02-08||ADDON-20248||Getting ERROR "No handlers could be found for logger" in splunkd.log file after installation of MSCS Add-On|
Version 3.1.0 of the Splunk Add-on for Microsoft Cloud Services contains the following new known issues. If no issues appear below, no issues have yet been reported:
|Date filed||Issue number||Description|
|2019-09-09||ADDON-23159||Event breaks when encountered "time" attribute in json format blob file|
|2019-08-22||ADDON-22968||Azure BLOB Input intermittently stopping|
|2019-02-27||ADDON-21430||Enable/Disable functionality not working when Input name contains special characters.|
Third-party software attributions
Version 3.1.0 of the Splunk Add-on for Microsoft Cloud Services incorporates the following third-party software or libraries.
Source types for the Splunk Add-on for Microsoft Cloud Services
Release history for the Splunk Add-on for Microsoft Cloud Service
This documentation applies to the following versions of Splunk® Supported Add-ons: released