Splunk® App for CEF

Release Notes

Acrobat logo Download manual as PDF


Announcing the End of Life (EOL) and End of Support (EOS) for the Splunk App for CEF. As of July 30, 2021, the Splunk App for CEF is EOL and no longer available on Splunkbase. Customers who have already been using the Splunk App for CEF will continue to receive support until the EOS date of April 2, 2022.
This documentation does not apply to the most recent version of CEFapp. Click here for the latest version.
Acrobat logo Download topic as PDF

New features for the Splunk App for CEF

The Splunk App for CEF 2.0.x includes the following new features:

  • Increased performance for event forwarding by moving the output task to the indexers.
  • Increased search performance and throughput.
  • Improved user experience for the configuration of your CEF output.
  • Support for Windows environments.
  • Support for running the app on a search head cluster.

The Splunk App for CEF is compatible with Splunk Enterprise versions 6.4.4 and above. The app is not supported on Splunk Cloud at this time.

For a list of fixed issues in this version, see Fixed issues for the Splunk App for CEF.

For a list of known issues in this version, see Known issues for the Splunk App for CEF.

For more about the new technical implementation in this version, see How the Splunk App for CEF works.

To get started, see Installation and configuration overview for the Splunk App for CEF.

Last modified on 24 July, 2018
  NEXT
Known issues for the Splunk App for CEF

This documentation applies to the following versions of Splunk® App for CEF: 2.0.0, 2.0.1


Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters