
Release notes for the Splunk Add-on for Microsoft Office 365
After upgrading the Splunk Add-on for Microsoft Office 365 from 4.0.0 and higher to version 4.2.0 or higher, your Splunk platform deployment might receive duplicate events for a maximum of 7 days, due to a change in checkpoint logic. Duplicate events will stop ingesting after 7 days.
Versions 4.2.0 and higher of the Splunk Add-on for Microsoft Office 365 contain changes to the checkpoint mechanism for the Management activity input. See the Upgrade Steps section of the Upgrade topic in this manual.
Version 4.2.1 of the Splunk Add-on for Microsoft Office 365 was released on December 22nd, 2022.
About this release
Version 4.2.1 of the Splunk Add-on for Microsoft Office 365 is compatible with the following software, CIM versions, and platforms.
Splunk platform versions | 8.1.x, 8.2.x, 9.0.0 |
CIM | 5.0.0 |
Supported OS | Platform independent |
Vendor products | Microsoft Office 365 |
New features
Version 4.2.1 of the Splunk Add-on for Microsoft Office 365 has the following new features.
- Fixed a bug related to getting 401 authorization errors for Management Activity inputs.
Versions 4.2.0 and later of this add-on use app key value store (KV store) collection functionality for checkpoints, in order to improve efficiency and optimize structuring. Versions 4.1.0 and earlier of the Splunk Add-on for Microsoft Office 365 used file-based checkpointing for the Management activity API input, which caused high memory issues for users.
KV store accelerations improve search performance by making searches that contain accelerated fields return faster. As a result, KV store will consume system memory when your input is running. If your Splunk platform deployment uses a lot of KV store, you must to scale up your Splunk platform deployment, so that the KV store functionality can run without any errors.
Fixed Issues
Version 4.2.1 of the Splunk Add-on for Microsoft Office 365 contains the following, if any, fixed issues.
Date resolved | Issue number | Description |
---|---|---|
2022-12-21 | ADDON-59068 | Getting 401 Authorization error for management activity inputs |
Known issues
Version 4.2.1 of the Splunk Add-on for Microsoft Office 365 contains the following, if any, known issues.
Third-party software attributions
Version 4.2.1 of the Splunk Add-on for Microsoft Office 365 incorporates the following third-party software or libraries.
Third-party software attributions for the Splunk Add-on for Microsoft Office 365
PREVIOUS Source types for the Splunk Add-on for Microsoft Office 365 |
NEXT Release history for the Splunk Add-on for Microsoft Office 365 |
This documentation applies to the following versions of Splunk® Supported Add-ons: released
Feedback submitted, thanks!