Splunk® Supported Add-ons

Splunk Add-on for Sysmon

Release notes for the Splunk Add-on for Sysmon

Version 4.0.2 of the Splunk Add-on for Sysmon was released on October 10, 2024.

Compatibility

Version 4.0.2 of the Splunk Add-on for Sysmon is compatible with the following software, CIM versions, and platforms:

Splunk platform versions 8.2, 9.1 and later
CIM 5.2 and later
Supported OS for data collection Platform independent
Vendor products Microsoft Sysmon version 15.0

New features

Version 4.0.2 fixes known issues, See the Known Issues section of this topic for more information.

Fixed issues

Version 4.0.2 of the Splunk Add-on for Sysmon fixes the following, if any, issues.

Date resolved Issue number Description
2024-10-09 ADDON-75229 After upgrading the Add-on from 3.0.1 to 4.0.1 start encounter the error " "Could not load lookup=LOOKUP-record_type". during the search. "

Known issues

Version 4.0.2 of the Splunk Add-on for Sysmon has the following, if any, known issues.


Third-party software attributions

Version 4.0.2 of the Splunk Add-on for Sysmon does not incorporate any third-party software or libraries.

Last modified on 24 October, 2024
Source types for the Splunk Add-on for Sysmon   Release history for the Splunk Add-on for Sysmon

This documentation applies to the following versions of Splunk® Supported Add-ons: released

Acrobat logo Download manual
Acrobat logo Download this page

Please expect delayed responses to documentation feedback while the team migrates content to a new system. We value your input and thank you for your patience as we work to provide you with an improved content experience!

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters