Splunk® Supported Add-ons

Splunk Add-on for Microsoft Office 365

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

Release notes for the Splunk Add-on for Microsoft Office 365

After upgrading the Splunk Add-on for Microsoft Office 365 from 4.0.0 and higher to version 4.2.0 or higher, your Splunk platform deployment might receive duplicate events for a maximum of 7 days, due to a change in checkpoint logic. Duplicate events will stop ingesting after 7 days.

Versions 4.2.0 and higher of the Splunk Add-on for Microsoft Office 365 contain changes to the checkpoint mechanism for the Management activity input. See the Upgrade Steps section of the Upgrade topic in this manual.

Version 4.2.1 of the Splunk Add-on for Microsoft Office 365 was released on December 22nd, 2022.

About this release

Version 4.2.1 of the Splunk Add-on for Microsoft Office 365 is compatible with the following software, CIM versions, and platforms.

Splunk platform versions 8.1.x, 8.2.x, 9.0.0
CIM 5.0.0
Supported OS Platform independent
Vendor products Microsoft Office 365

New features

Version 4.2.1 of the Splunk Add-on for Microsoft Office 365 has the following new features.

  • Fixed a bug related to getting 401 authorization errors for Management Activity inputs.


Versions 4.2.0 and later of this add-on use app key value store (KV store) collection functionality for checkpoints, in order to improve efficiency and optimize structuring. Versions 4.1.0 and earlier of the Splunk Add-on for Microsoft Office 365 used file-based checkpointing for the Management activity API input, which caused high memory issues for users.
KV store accelerations improve search performance by making searches that contain accelerated fields return faster. As a result, KV store will consume system memory when your input is running. If your Splunk platform deployment uses a lot of KV store, you must to scale up your Splunk platform deployment, so that the KV store functionality can run without any errors.

Fixed Issues

Version 4.2.1 of the Splunk Add-on for Microsoft Office 365 contains the following, if any, fixed issues.


Date resolved Issue number Description
2022-12-21 ADDON-59068 Getting 401 Authorization error for management activity inputs

Known issues

Version 4.2.1 of the Splunk Add-on for Microsoft Office 365 contains the following, if any, known issues.


Third-party software attributions

Version 4.2.1 of the Splunk Add-on for Microsoft Office 365 incorporates the following third-party software or libraries.

Third-party software attributions for the Splunk Add-on for Microsoft Office 365

Last modified on 11 January, 2023
PREVIOUS
Source types for the Splunk Add-on for Microsoft Office 365
  NEXT
Release history for the Splunk Add-on for Microsoft Office 365

This documentation applies to the following versions of Splunk® Supported Add-ons: released


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters