Splunk® IT Essentials Learn

Release Notes for Splunk IT Essentials Learn



This documentation does not apply to the most recent version of Splunk® IT Essentials Learn. For documentation on the most recent version, go to the latest release.

Release notes for Splunk IT Essentials Learn

Splunk IT Essentials Learn version 1.1.3 was released on March 21, 2022.

Compatibility

Splunk IT Essentials Learn is compatible with the following software, CIM versions, and platforms.

Splunk platform versions: 7.3, 8.x and higher
CIM: Not supported
Supported OS for data collection: Platform independent
Vendor products: None

New features

This version of Splunk IT Essentials Learn contains the following new procedures.

AWS Cloud Infrastructure procedures

  • Collect, search, and analyze logging output from any AWS Cloudwatch logs
  • Determine users that haven't accessed the system for extended periods of time
  • Identify EBS volumes without a recent snapshot - IT Essentials Work
  • Identify overprovisioned EC2 instances
  • Identify public S3 Buckets and who applied the policy
  • Identify resources missing a specific tag
  • Identify resources with non-compliant Config rules
  • Identify unattached EBS volumes - IT Essentials Work
  • Identify underprovisioned EC2 instances
  • Identify unused Elastic IPs with no attached instances
  • Search, analyze, and troubleshoot logging output from AWS Lambda functions
  • Take an inventory of EBS volumes
  • Take an inventory of EC2 instances
  • Track changes made to cloud infrastructure
  • View and alert on critical AWS Lambda metrics (invocations, duration, throttles, etc.)
  • View and alert when AWS Cloudtrail logging becomes disabled
  • View geographic access to S3 Buckets
  • View health of critical AWS infrastructure from cloudwatch metrics
  • Visualize and analyze common resource tags and tag values
  • Visualize the topology of AWS infrastructure

Azure Cloud Infrastructure procedures

  • Collect, search, and analyze logging output from any Azure Event Hub logs
  • Determine Azure Active Directory users that haven't accessed the system for extended periods of time
  • Get a list of public IP addresses
  • Identify Azure Load Balancers with no healthy instances
  • Identify overprovisioned Virtual Machines
  • Identify public Storage Blobs and who applied the policy
  • Identify public Storage Blobs with anonymous access traffic
  • Identify resources with no associated tags
  • Identify resources with non-compliant policy rules
  • Identify underprovisioned Virtual Machines
  • Identify unused public IPs
  • Track changes made to Azure cloud infrastructure
  • View health of critical Azure infrastructure from Azure Monitor metrics
  • Visualize and analyze common Azure resource tags and tag values

GCP Cloud Infrastructure procedures

  • Collect, search, and analyze logging output from GCP logs
  • GCP Instance Errors and Warnings
  • GCP List of live migrated hosts
  • Identify Compute Disks with throttled operations
  • Identify GCP Compute Disks without snapshot policies
  • Identify GCP compute instances with missing labels
  • Identify GCP reserved static address without attached instance
  • Identify overprovisioned Compute instances
  • Identify public GCS Buckets and who applied the policy
  • Identify unattached GCP Compute Disks
  • Identify underprovisioned Compute instances
  • List Google Cloud Function Operations
  • List Google Cloud Function Performance Metrics
  • List Load Balancers with unhealthy host counts
  • Take an inventory of GCP Compute Disks
  • Take an inventory of GCP compute instances
  • Take an inventory of GCP load balancers
  • Take an inventory of GCP VPCs
  • Track changes made to GCP cloud infrastructure
  • View and alert when Audit Logging becomes disabled
  • View geographic access to GCS Storage Buckets
  • View health of critical GCP infrastructure from metrics

Unix and Linux Server procedures

  • Alert when CPU utilization is nearing capacity - Linux - IT Essentials Work

VMware Cloud Infrastructure procedures

  • Identify datastores with highest utilization - IT Essentials Work
  • Identify ESXi host version(s) - IT Essentials Work
  • Identify ESXi hosts with high CPU sum ready - IT Essentials Work
  • Identify ESXi hosts with high CPU sum ready - Splunk Infrastructure Monitoring
  • Identify ESXi hosts with sustained high ballooning - IT Essentials Work
  • Identify ESXi hosts with sustained high swapping - IT Essentials Work
  • Identify ESXi hosts with sustained high swapping - Splunk Infrastructure Monitoring
  • Identify recently triggered vSphere alarms - IT Essentials Work
  • Identify virtual machines with large file size utilization - IT Essentials Work
  • Track VMotion events for a Virtual Machine - IT Essentials Work
  • View health of critical VMWare components - IT Essentials Work
  • View health of critical VMWare components - Splunk Infrastructure Monitoring
  • Visualize the topology of the VMWare environment - IT Essentials Work
  • VMware vCenter Console Logins - IT Essentials Work
  • VMWare vSphere Configuration Changes - IT Essentials Work

Web Servers Application procedures

  • Continuously monitor and alert on SSL certificate expirations using a basic synthetic check
  • Continuously monitor and alert on URL response code using a basic synthetic check
  • Continuously monitor and alert on URL response times using a basic synthetic check

Fixed issues

This version of Splunk IT Essentials Learn has the following reported fixed issues. If no issues appear below, no issues have yet been reported.

Issue number    Description
ITE-353         Memory leak in procedure searches
ITE-406         Instrumentation is failing on search head clusters


Date resolved   Issue number   Description
2022-03-17      ITE-406        Instrumentation is failing on SHC
2022-01-21      ITE-353        Memory leak in procedure searches

Known issues

This version of Splunk IT Essentials Learn has the following reported known issues and workarounds. If no issues appear below, no issues have yet been reported.

Issue number    Description
ITE-416         ITE-L basic functionality is broken with KVService
Last modified on 12 October, 2022

This documentation applies to the following versions of Splunk® IT Essentials Learn: 1.1.3

