On October 20, 2021, the Splunk App for Windows Infrastructure will reach its end of life. After this date, Splunk will no longer maintain or develop this product. The functionality in this app is migrating to a content pack in Data Integrations. Learn about the Content Pack for Windows Dashboards and Reports.
This documentation does not apply to the most recent version of Splunk® App for Windows Infrastructure (Legacy).
For documentation on the most recent version, go to the latest release.
Release notes
This topic contains information on new features, known issues, and updates as we version the Splunk App for Windows Infrastructure.
The latest version of the Splunk App for Windows Infrastructure was released on Tuesday, December 15, 2015.
What's new
Here is what's new in the latest version of the Splunk App for Windows Infrastructure:
| Publication date | Defect number | Description |
| 2015-11-12 | N/A | Bug fixes. |
| 2015-11-12 | TAG-9715 | The app now works with search head clusters. |
Current known issues
The Splunk App for Windows Infrastructure has the following known issues:
| Publication date | Defect number | Description |
| 2016-2-29 | TAG-10703 | If you configure the Splunk Add-on for Windows to render Windows Event Log events in XML format, some dashboard panels in the app do not display properly. |
| N/A | TAG-8544 | The Host Inventory and Host Overview pages do not function in the app due to a missing configuration in the Splunk Add-on for Windows. To work around the problem, add the following stanza to the inputs.conf in the Splunk Add-on for Windows and deploy it to all of the servers in the environment:
|
| N/A | MSAPP-2259 MSAPP-2277 |
The dashboard builder does not work properly with Internet Explorer version 8 or earlier. To work around the problem, use another Splunk Enterprise-supported browser. |
| N/A | MSAPP-2109 | Some minor artifacts occur when you collapse the "Add Panels" sidebar on the Dashboard Builder page. |
| 2015-11-12 | TAG-9508 | The app causes search heads that run Hunk to generate errors because Hunk attempts to search both real and virtual indexes. |
| 2015-11-12 | TAG-9555 | The split_ldapgroup macro does not split out the member list correctly. This affects the member list panel in the Active Directory > Groups > Group Audit dashboard.
|
| 2015-11-12 | TAG-9913 | The "User" panel of the "Account Lockout Activity" page only shows the latest entry for a user lockout regardless of the number of lockouts a user might have. |
| 2015-11-12 | TAG-10120 | If you install the app on a Linux search head, attempts to access the app on a Windows host with Internet Explorer version 11 fail with a scripting error. To work around the problem, use another Splunk-supported browser. |
| 2015-11-12 | TAG-10194 | Nothing happens when you click on a host in the "Host Overview" dashboard. The expected behavior is to open the "Host Inventory" dashboard with information on the host you selected. |
Change log (what's been fixed)
| Publication date | Defect number | Description |
| 2015-11-12 | TAG-9123 | A problem that prevented most of the Active Directory panels in the app from populating was fixed. |
| 2015-11-12 | TAG-9534 | A problem that prevented the Active Directory > Group Changes and "Membership changes" pages was fixed. |
| 2015-11-12 | TAG-9556 | The Splunk roles "winfra-admin" and "exchange-admin" now have default access to the msad index.
|
| 2015-11-12 | TAG-9719 | The ad-health.ps1 script no longer generates a null-valued expression when it runs on a read-only domain controller (RODC).
|
| 2015-11-12 | TAG-9844 | The "Account Lockout Activity" panel now populates data for Event Code 4740 (a user lockout event.) |
| 2015-11-12 | TAG-9905 | A syntax error that prevented macro expansion for the "Org Units: New" dashboard panel was fixed. |
Last modified on 27 February, 2016
| Best practices guide | Third-party software attributions/credits |
This documentation applies to the following versions of Splunk® App for Windows Infrastructure (Legacy): 1.2.0
Download manual
Feedback submitted, thanks!