
Release history for the Splunk Add-on for Microsoft SQL Server
Latest release
The latest version of the Splunk Add-on for Microsoft SQL Server is version 2.0.0. See Release notes for the Splunk Add-on for Microsoft SQL Server for the release notes of this latest version.
Version 1.4.0
Version 1.4.0 of the Splunk Add-on for Microsoft SQL Server was released on August 2, 2018.
About this release
Version 1.4.0 of the Splunk Add-on for Microsoft SQL Server is compatible with the following software, CIM versions, and platforms.
Splunk platform versions | 6.6.x, 7.0.x, 7.1.x, 7.2.x, 8.0 |
Splunk DB Connect | 2.4.1, 3.1.3 |
CIM | 4.11 |
Platforms | Windows for local data collection on MS SQL Server, platform independent otherwise |
Vendor Products | Microsoft SQL Server 2008 R2 Enterprise, Microsoft SQL Server 2012 Enterprise, Microsoft SQL Server 2014 Enterprise, Microsoft SQL Server 2016 Enterprise |
New Features
- Support for Microsoft SQL Server 2016
- Compatibility with Splunk Enterprise 7+
Known issues
Version 1.4.0 of the Splunk Add-on for Microsoft SQL Server has the following known issues.
If no issues appear below, no issues have yet been reported:
Date filed | Issue number | Description |
---|---|---|
2020-10-22 | ADDON-30436 | 'Additional_Information' field is not getting extracted properly for the 'mssql:audit' sourcetype |
2020-09-18 | ADDON-29421 | Removed incorrect field mapping of serial_num in sourcetype = mssql:transaction:dm_tran_locks |
2014-12-18 | ADDON-2753, ADDON-8229 | Error in opening perfmon with regex object (SQLServer|MSSQL*) from data inputs UI |
Third-party software attributions
Version 1.4.0 of the Splunk Add-on for Microsoft SQL Server does not incorporate any third-party components or libraries.
Version 1.3.0
Version 1.3.0 of the Splunk Add-on for Microsoft SQL Server is compatible with the following software, CIM versions, and platforms:
Splunk platform versions | 6.4 and later |
Splunk DB Connect | 2.4.1, 3.1.3 (versions 1.x and 3.0 are not supported) |
CIM | 4.1 and later |
Platforms | Windows for local data collection on MS SQL Server, platform independent otherwise |
Vendor Products | Microsoft SQL Server versions 2008 R2 Enterprise, 2012 Enterprise, and 2014 Enterprise |
Upgrade guide
Version 1.2.0 of the Splunk Add-on for Microsoft SQL Server includes a new default\sqlserver_dbx2.conf
file. If you are using DB Connect v2 and want to use this add-on with Splunk IT Service Intelligence, follow the directions in Configure DB Connect v2 inputs for the Splunk Add-on for Microsoft SQL Server to override your existing inputs with the new ones provided in this version of the default\sqlserver_dbx2.conf
template file. If you are using the configuration files, use the default\sqlserver_dbx2.conf
as a template to update your splunk_app_db_connect\local\inputs.conf
. If you are using the DB Connect GUI, refer to default\sqlserver_dbx2.conf
for the source types and query statements.
DB Connect v1 is not supported for collecting data with this add-on for use in Splunk IT Service Intelligence. If you want to use this add-on with Splunk IT Service Intelligence, upgrade to DB Connect v2.
Features
Version 1.3.0 of the Splunk Add-on for Microsoft SQL Server provides added support for DB Connect 3.1, which significantly streamlines the configuration process of database inputs.
Fixed issues
Version 1.3.0 of the Splunk Add-on for Microsoft SQL Server has no fixed issues.
Known issues
Version 1.3.0 of the Splunk Add-on for Microsoft SQL Server has no known issues.
Third-party software attributions
Version 1.3.0 of the Splunk Add-on for Microsoft SQL Server does not incorporate any third-party components or libraries.
Version 1.2.0
Version 1.2.0 of the Splunk Add-on for Microsoft SQL Server was released on April 1, 2016. Version 1.2.0 of the Splunk Add-on for Microsoft SQL Server is compatible with the following software, CIM versions, and platforms:
Splunk platform versions | 6.1 and later |
CIM | 4.1 and later |
Platforms | Windows for local data collection on MS SQL Server, platform independent otherwise |
Vendor Products | Microsoft SQL Server versions 2008 R2 Enterprise, 2012 Enterprise, and 2014 Enterprise |
Upgrade guide
Version 1.2.0 of the Splunk Add-on for Microsoft SQL Server includes a new default\sqlserver_dbx2.conf
file. If you are using DB Connect v2 and want to use this add-on with Splunk IT Service Intelligence, follow the directions in Configure DB Connect v2 inputs for the Splunk Add-on for Microsoft SQL Server to override your existing inputs with the new ones provided in this version of the default\sqlserver_dbx2.conf
template file. If you are using the configuration files, use the default\sqlserver_dbx2.conf
as a template to update your splunk_app_db_connect\local\inputs.conf
. If you are using the DB Connect GUI, refer to default\sqlserver_dbx2.conf
for the source types and query statements.
DB Connect v1 is not supported for collecting data with this add-on for use in Splunk IT Service Intelligence. If you want to use this add-on with Splunk IT Service Intelligence, upgrade to DB Connect v2.
Features
Version 1.2.0 of the Splunk Add-on for Microsoft SQL Server has the following new features:
Date | Issue number | Description |
---|---|---|
2016-03-09 | ADDON-7327 | Support for the IT Service Intelligence Database module, including new source types, new lookup file, and new SQL queries for DB Connect v2. |
Fixed issues
Version 1.2.0 of the Splunk Add-on for Microsoft SQL Server has no fixed issues.
Known issues
Version 1.2.0 of the Splunk Add-on for Microsoft SQL Server has the following known issues:
Date filed | Issue number | Description |
---|---|---|
2016-03-30 | ADDON-2764 | Data type RAW (8 byte) not supported due to limitation of DB Connect v.2.0.0. As a result some fields have a value of '## NOT SUPPORTED TYPE ##'. |
2015-01-08 | ADDON-2764 | Incorrect line breaking and/or some fields for audit and trace log events are missing in indexed events when using DB Connect v1. Workaround: edit dbx\local\inputs.conf to include SHOULD_LINEMERGE=true in the stanzas for the affected inputs.
|
2015-02-04 | ADDON-3131 | Change to non-deprecated method for pulling trace log files from SQL Server because fn_trace_gettable is EOL. |
2014-12-18 | ADDON-2753 | Error in creating performance monitor inputs with regex objects (SQLServer|MSSQL[^:]*) from data inputs UI. Workaround: configure all performance monitoring inputs via the inputs.conf file.
|
Note that there is a known issue in DB Connect 3 to support a new installation of Splunk Add-on for Microsoft SQL Server. See release notes for DB Connect 3 for details.
Third-party software attributions
Version 1.2.0 of the Splunk Add-on for Microsoft SQL Server does not incorporate any third-party components or libraries.
Version 1.1.0
Version 1.1.0 of the Splunk Add-on for Microsoft SQL Server has the same compatibility specifications as Version 1.2.0.
Features
Version 1.1.0 of the Splunk Add-on for Microsoft SQL Server has the following new features.
Date | Issue number | Description |
---|---|---|
2015-10-09 | ADDON-2921 | Support for Splunk DB Connect v2. |
2015-10-09 | ADDON-3734 | Support for Microsoft SQL Server 2014. |
Fixed issues
Version 1.1.0 of the Splunk Add-on for Microsoft SQL Server fixes the following issues.
Date fixed | Issue number | Description |
---|---|---|
2015-10-08 | ADDON-5975 | Stanzas have unnecessary wildcarding, contrary to best practices. |
2015-10-08 | ADDON-5978 | Sourcetypes in eventtypes.conf should be capitalization-unified with real sourcetypes' names. |
2015-09-23 | ADDON-3270 | Console startup errors when DB Connect is not present. |
Known issues
Version 1.1.0 of the Splunk Add-on for Microsoft SQL Server has the following known issues.
Date filed | Issue number | Description |
---|---|---|
2015-01-08 | ADDON-2764 | Incorrect line breaking and/or some fields for audit and trace log events are missing in indexed events when using DB Connect v1. Workaround: edit dbx\local\inputs.conf to include SHOULD_LINEMERGE=true in the stanzas for the affected inputs.
|
2015-02-04 | ADDON-3131 | Change to non-deprecated method for pulling trace log files from SQL Server because fn_trace_gettable is EOL. |
2014-12-18 | ADDON-2753 | Error in creating performance monitor inputs with regex objects (SQLServer|MSSQL[^:]*) from data inputs UI. Workaround: configure all performance monitoring inputs via the inputs.conf file.
|
Third-party software attributions
Version 1.1.0 of the Splunk Add-on for Microsoft SQL Server does not incorporate any third-party components or libraries.
Version 1.0.0
Version 1.0.0 of the Splunk Add-on for Microsoft SQL Server is compatible with the following software, CIM versions, and platforms.
Splunk platform versions | 6.1 and later |
CIM | 4.1 and later |
Platforms | Windows |
Vendor Products | Microsoft SQL Server versions 2008 R2 Enterprise and 2012 Enterprise |
New features
Version 1.0.0 of the Splunk Add-on for Microsoft SQL Server has the following new features.
Date | Issue number | Description |
---|---|---|
12/12/14 | ADDON-211 | CIM-compliant data collection of performance metrics and security events from Microsoft SQL Server using log files, audit trace files, and Splunk DB Connect. |
Known issues
Version 1.0.0 of the Splunk Add-on for Microsoft SQL Server has the following known issues.
Date | Issue number | Description |
---|---|---|
01/08/15 | ADDON-2764 | Incorrect line breaking and/or some fields for audit and trace log events are missing in indexed events. Workaround: edit dbx\local\inputs.conf to include SHOULD_LINEMERGE=true in the stanzas for the affected inputs.
|
02/04/15 | ADDON-3131 | Change to non-deprecated method for pulling trace log files from SQL Server because fn_trace_gettable is EOL. |
12/18/14 | ADDON-2753 | Error in creating performance monitor inputs with regex objects (SQLServer|MSSQL[^:]*) from data inputs UI. Workaround: configure all performance monitoring inputs via the inputs.conf file.
|
Third-party software attributions
Version 1.0.0 of the Splunk Add-on for Microsoft SQL Server does not incorporate any third-party components or libraries.
PREVIOUS Release notes for the Splunk Add-on for Microsoft SQL Server |
NEXT Hardware and software requirements for the Splunk Add-on for Microsoft SQL Server |
This documentation applies to the following versions of Splunk® Supported Add-ons: released
Feedback submitted, thanks!