This page summarizes the new features and enhancements in each release of Splunk Cloud Platform. Use the Version drop-down list to see information for other versions of Splunk Cloud Platform.
The product features deployed in your environment might vary depending on your topology, deployment type, and configuration settings.
|New feature, enhancement, or change||Description|
|Federated Search for Amazon S3||Federated Search for Amazon S3 is a new capability to get insights from Amazon S3 buckets without the need for data ingestion. This feature is in preview and will soon be Generally Available for Splunk Cloud Platform customers with AWS cloud stacks, with additional licensing.|
|Federated Search for Splunk - Federated provider name added to search results||When users run federated searches over remote Splunk platform deployments that have been defined as federated providers, the results of those searches include the names of the federated providers that the results were sourced from. Federated provider names appear as values of a |
See Run federated searches over remote Splunk platform deployments in the Splunk platform Federated Search manual.
This feature requires that both your local Splunk platform deployment and the federated providers you are searching over be upgraded to Splunk Cloud Platform 9.0.2305 or higher, Splunk Enterprise 9.0.6 or higher Splunk Enterprise 9.0.x versions, or Splunk Enterprise 9.1.1 or higher.
|Federated Search for Splunk - Lookup command improvements for standard mode federated search||When you use the |
|jQuery 3.5 by default||Splunk Cloud Platform now uses jQuery 3.5 by default. The self-service toggle in the UI to re-enable the old jQuery libraries has been removed. Splunk Cloud administrators can no longer choose to enable lower versions in the Internal Library Settings. Users must use the version 3.5 jQuery libraries that are packaged with the Splunk platform by default. Splunk will remove support for all older versions of jQuery in a future release.|
|Discover Splunk Observability Cloud||Splunk Cloud Platform users can discover, learn about, and request a demo of Splunk's observability solution, Splunk Observability Cloud. Users can learn how to examine their logs in context with metrics and traces in Splunk Observability Cloud to monitor and troubleshoot their systems faster and with more efficiency, promoting enterprise resilience.|
|Dashboard Studio - Post-conversion report||When users convert a Simple XML dashboard with the Clone in Dashboard Studio feature, Dashboard Studio automates as many conversions as possible. The post-conversion report will detail which objects or options need manual adjustments after conversion. For more details, see About conversion from Simple XML to Dashboard Studio.|
|Dashboard Studio - Drilldown: Link to custom search||Users can configure drilldowns from their Dashboard Studio dashboards to custom searches.|
|Dashboard Studio - Drilldown: Link to reports||Users can configure drilldowns from their Dashboard Studio dashboards to reports. For more details, see Linking interactions|
|Dashboard Studio - Events Viewer: Workflow Actions||Users can configure workflow actions to work with their Events Viewer visualizations in Dashboard Studio. For more details, see Events viewer.|
|Dashboard Studio - Bigger better code editor||Dashboard editors can now expand the source code editor while making edits in the UI.|
|Dashboard Studio - Trellis for Single Values||Users can apply a trellis layout for single value, single value icon, and single value radial visualizations. For more details, see Trellis layout.|
|KMS support for Ingest Actions||Splunk Cloud Platform customers now have the ability to use SSE-KMS encryption when leveraging Ingest Actions to write data to customer-owned S3 buckets. This capability is enabled through the configuration of AWS cross-account IAM roles.|
|Hot reload of SSL certificates||The current process of certificate rotation on Splunk Cloud Platform nodes requires a maintenance window scheduled to perform a server restart. This feature introduces a new REST API endpoint to rotate server certificate without restarting the server.|
|Support for OS certificate trust store and certificate management API||Many customers (300+ votes) have asked that Splunk should support integration with existing OS trust/certificate stores that include commonly used public CAs. Without this integration, adding additional CA certificates is a manual process that requires uploading these certificates to the Splunk instance filesystem and updating the config settings for root CA paths.|
|Stats V1 removal||Version 1 of the |
|Deprecated Splunk platform search execution methods||The |
Welcome to Splunk Cloud Platform
Known and fixed issues for
This documentation applies to the following versions of Splunk Cloud Platform™: 9.0.2305 (latest FedRAMP release)