Powered by

# Release Notes

Latest release can be found on Splunkbase .

# v1.1.5 LATEST

Released: October 8, 2024

  • Added CSV lookup for ES to use.
  • Added Serial Number to category field - feature request #67
  • Disabled KVstore replication to improve performance.
  • Increased batch size of KVstore lookup to improve performance.
  • Removed type definition for KVstore fields.

Full Changelog: v1.1.4...v1.1.5

# v1.1.4

Released: December 12, 2023

  • Fixed location of the "static" directory. Moved from the "default" directory to the project root.

Full Changelog: v1.1.3...v1.1.4

# v1.1.3

Released: December 7, 2023

  • Added managed configurations for Splunk Enterprise Security to control retention of lookup file --> Schedule Search
  • Deprecating use of the search macro "sa_crowdstrike_retention" and the corresponding saved search.

Full Changelog: v1.1.2...v1.1.3

# v1.1.2

Released: December 1, 2023

  • SplunkWorks updates

This release has no functional changes of the add-on.

# v1.1.1

Released: April 19, 2023
  • New format for the category field, see Category.
    • The cs_ prefix has been removed from many fields.
    • Spaces have been added for easier readability.
  • Hotfix for priority field failing default regex match

# v1.0.5

Released: December 19, 2022

  • Added macro and retention definition to the General Settings in Splunk Enterprise Security

# v1.0.4

Released: November 22, 2022

  • Added managed configuration to Splunk Enterprise Security

# v1.0.3

Released: September 20, 2022

  • added cleanup search to remove old/stale devices
  • added search macro for device retention period
  • updated collection to include last seen field
  • updated lookup generating search to include last time seen

# v1.0.2

Released: September 8,2022

  • added first_seen, last_seen, and last_updated to category field
  • added site_name to existing bunit field
  • Changed app logo background to transparent.
  • Updated saved search to preserve hosts with multiple IP/MAC addresses

# v1.0.1

Released: August 25, 2022

  • Hotfix for missing _key field in saved search.

# v1.0.0

Released: August 25, 2022

  • Initial Release