
Release notes for the Splunk Add-on for Windows
Version 8.7.0 of the Splunk Add-on for Windows was released on April 21, 2023.
The Splunk Add-on for Windows DNS version 1.0.1 and the Splunk Add-on for Windows Active Directory version 1.0.0 are not supported when installed alongside the Splunk Add-on for Windows versions 6.0.0 and higher. The Splunk Add-on for Windows versions 6.0.0 and higher includes the Splunk Add-on for Windows DNS and the Splunk Add-on for Microsoft Active Directory.
Compatibility
Version 8.7.0 of the Splunk Add-on for Windows is compatible with the following software, CIM versions, and platforms:
Splunk platform versions | 8.1.x, 8.2.x, 9.0.x |
CIM | 4.15 and later |
Platform | Windows |
Vendor Products | Windows Server 2022, Windows 11, Windows Server 2019, Windows 8.1, Windows 10, Windows Server 2012/2012 R2, Windows Server 2016, Microsoft Active Directory, Microsoft Windows DNS Server |
New or changed features
Version 8.7.0 of the Splunk Add-on for Windows has the following new or changed features:
- Tagged Windows DNS logs collected in MSAD:NT6:DNS sourcetype with NetworkResolution:DNS data model and mapped the relevant CIM fields.
See CIM model and Field Mapping changes for MSAD:NT6:DNS for more details on the Event Code changes.
Fixed Issues
Version 8.7.0 of the Splunk Add-on for Windows fixes the following issues:
Date resolved | Issue number | Description |
---|---|---|
2023-05-03 | ADDON-61555 | src_nt_domain field extracting value from next line when "Security_ID" field is missing for source WinEventLog:Security |
Known Issues
Version 8.7.0 of the Splunk Add-on for Windows contains the following known issues. If no issues appear below, no issues have yet been reported:
PREVIOUS Source types for the Splunk Add-on for Windows |
NEXT Hardware and software requirements for the Splunk Add-on for Windows |
This documentation applies to the following versions of Splunk® Supported Add-ons: released
Feedback submitted, thanks!