Release notes for the Splunk Add-on for OSSEC
About this release
Version 4.1.0 of the Splunk Add-on for OSSEC is compatible with the following software, CIM versions, and platforms.
|Splunk platform versions||7.3, 8.0, 8.1|
|Vendor Products||OSSEC 3.6.0|
The field alias functionality is compatible with the current version of this add-on. The current version of this add-on does not support older field alias configurations.
For more information about the field alias configuration change, refer to the Splunk Enterprise Release Notes.
New or Changed features
- Add support of Ossec version 3.6.0
- Add support for SC4S
- Add CIM mapping and fix gaps/issues for CIM v4.17
- Alert datamodel mapping has been removed from
- Endpoint datamodel mapping has been removed from
defaulttag of authentication has been removed from
Version 4.1.0 of the Splunk Add-on for OSSEC fixed the following issues, if any.
Version 4.1.0 of the Splunk Add-on for OSSEC has no reported known issues, if any.
Third-party software attributions
Version 4.1.0 of the Splunk Add-on for OSSEC does not incorporate any third-party components or libraries.
Troubleshoot the Splunk Add-on for OSSEC
Release notes history for the Splunk Add-on for OSSEC
This documentation applies to the following versions of Splunk® Supported Add-ons: released