Fixed issues
The following issues were fixed in releases of the universal forwarder.
9.0.10
Version 9.0.10 was released on July 1, 2024. This release fixes the following universal forwarder issues.
Universal forwarder issues
Date resolved | Issue number | Description |
---|---|---|
2024-03-13 | SPL-252444, SPL-245954 | UF memory utilization by splunk-winevtlog.exe increases until resources are exausted on Domain Controller |
2024-03-12 | SPL-245954, SPL-252444, SPL-252445, SPL-252446 | UF memory utilization by splunk-winevtlog.exe increases until resources are exausted on Domain Controller |
9.0.9
Version 9.0.9 was released on March 27, 2024. This release fixes the following universal forwarder issues. It also delivers relevant updates from the 2024-03-27 Security Advisories list.
Universal forwarder issues
Date resolved | Issue number | Description |
---|---|---|
2024-02-23 | SPL-251515, SPL-237849 | CHECK_METHOD = modtime not working as expected in ver. 9.0.4 upgrading from 8.2.7. |
9.0.8
Version 9.0.8 was released on January 22, 2024. This release fixes the following universal forwarder issues.
Universal forwarder issues
Date resolved | Issue number | Description |
---|---|---|
2023-11-09 | SPL-246707, SPL-245467 | Global OPENSSL_CONF Env caused pre-flight check failure during installation |
9.0.7
Version 9.0.7 was released on November 16, 2023. This release fixes the following universal forwarder issues.
Universal forwarder issues
Date resolved | Issue number | Description |
---|---|---|
2023-10-27 | SPL-246144, SPL-233334 | Warnings "user splunk does not exist" observed while installing rpm builds |
9.0.6
Version 9.0.6 was released on August 30, 2023.
Universal forwarder issues
Date resolved | Issue number | Description |
---|---|---|
2023-08-08 | SPL-240820, SPL-242100, SPL-242101, SPL-242102, SPL-242103 | Windows EventLog splunk-winevtlog.exe modular input crashing during AD object resolution |
9.0.5
Version 9.0.5 was released on May 30, 2023. This release delivers the UF-relevant changes that have a date of 2023-06-01 on the Security Advisories list on the Splunk website. This release also fixes the following universal forwarder issues.
Universal forwarder issues
Date resolved | Issue number | Description |
---|---|---|
2023-03-15 | SPL-236429 | Universal forwarder download for PPCLE kernel 3.0+ is unavailable for version 9.0.2, 9.0.3, 9.0.4 |
2023-03-01 | SPL-236166, SPL-232028 | Windows Defender logs stop being forwarded but other Winevent logs continue to forward until UF is restarted |
2023-02-27 | SPL-236097, CSPL-2216, SPL-236361, SPL-240877 | UF 9.0.x migration fails when systemd errors especially in Docker Containers |
9.0.4
Version 9.0.4 was released on February 14, 2023. This release fixes the following universal forwarder issues.
Universal forwarder issues
Date resolved | Issue number | Description |
---|---|---|
2023-01-18 | SPL-217024, SPL-252644 | Constant Memory growth with Universal Forwarder UDP / TCP inputs and third party forwarding enabled. |
2022-12-05 | SPL-231514, SPL-228406 | UF crash on EventLoop::run assert rv > 0 |
2022-12-01 | SPL-233535, SPL-231086 | UF 9.x Unnecessary user creation during silent installation |
9.0.3
Version 9.0.3 was released on December 14, 2022. This release fixes the following universal forwarder issues:
Universal forwarder issues
Date resolved | Issue number | Description |
---|---|---|
2023-04-14 | SPL-232147 | Debian package failed to start on armv8 agent `re-pkg-arm64` |
2023-03-28 | SPL-237740, SPL-226003 | When forwarding from an 9.0 instance with useAck enabled, ingestion stops after some time with errors: "Invalid ACK received from indexer=" |
2022-11-14 | SPL-231927, SPL-227653 | UF throws erroneous WARN for KVSTORE SSL misconfiguration on startup - server.conf//sslVerifyServerCert or "Starting migrate-kvstore." |
2022-11-02 | SPL-231793 | Crashing in TcpOutEloop thread with assertion_failure="_refCount > 0" |
2022-10-12 | SPL-227653, SPL-231927 | UF throws erroneous WARN for KVSTORE SSL misconfiguration on startup - server.conf//sslVerifyServerCert or "Starting migrate-kvstore." |
2022-09-07 | SPL-226003, SPL-237740 | When forwarding from an 9.0 instance with useAck enabled, ingestion stops after some time with errors: "Invalid ACK received from indexer=" |
9.0.2
Version 9.0.2 was released on November 2, 2022. This release fixes the following universal forwarder issues:
Universal forwarder issues
Date resolved | Issue number | Description |
---|---|---|
2022-09-21 | SPL-222917, SPL-230428 | Crash in indexer discovery service on search head |
2022-09-09 | SPL-229853, SPL-229208 | PowerShell Modular input stopped working after UF 9.0 upgrade |
9.0.1
Version 9.0.1 was released on August 16, 2022. It delivers relevant fixes described in the August 16, 2022 quarterly security patch on the Splunk Product Security page.
9.0.0.1
Version 9.0.0.1 was released on July 20, 2022. This release introduces no changes to universal forwarder functionality. This release is provided only for version parity with Splunk Enterprise 9.0.0.1, which fixes the one issue described in Splunk Enterprise 9.0.0.1 fixed issues.
9.0.0
Version 9.0.0 was released on June 14, 2022. This release fixes no new universal forwarder issues.
Known issues | Third-party software |
This documentation applies to the following versions of Splunk® Universal Forwarder: 9.0.10
Feedback submitted, thanks!