Release history for the Splunk Add-on for Infoblox¶
The latest version of the Splunk Add-on for Infoblox is version 2.2.0. See Release notes for the Splunk Add-on for Infoblox for the release notes of this latest version.
Version 2.1.0¶
Version 2.1.0 of the Splunk Add-on for Infoblox was released on November 10, 2021.
Compatibility¶
Version 2.0.1 of the Splunk Add-on for Infoblox is compatible with the following software, CIM versions, and platforms.
| Component | Description |
|---|---|
| Splunk platform versions | 8.1.x, 8.2.x |
| CIM | 4.20.2 |
| Platforms | Platform independent |
| Vendor Products | NIOS 8.4.x, 8.5.2 |
Note
The field alias functionality is compatible with the current version of this add-on. The current version of this add-on does not support older field alias configurations.
For more information about the field alias configuration change, see the Splunk Enterprise Release Notes.
New features¶
Version 2.1.0 of the Splunk Add-on for Infoblox contains the following new features:
- Added support for Infoblox NIOS v8.5.2 CIM mapping and Enhancements
- Add-on now extracts the ‘dns_view’ field for DNS response logs under the ‘infoblox:dns’ sourcetype
- Audit logs when a user account is unlocked in Infoblox are now mapped to Change.Account_Management data model
- Log events when network entities like DnsView, AtpProfile, NSGroup, ARecord, ResponsePolicyZone are created or modified, are now mapped to Change:Network_Changes DM
- Extracted new CIM field ‘user_name’ for events mapped to Change data model
- Added support of CIM 4.20.2
- Removed support for Splunk 7.x and 8.0.
Fixed issues¶
Version 2.1.0 of the Splunk Add-on for Infoblox fixes the following issues:
Known issues¶
Version 2.1.0 of the Splunk Add-on for Infoblox has the following known issues. If no issues appear on this page, no issues have yet been reported:
Version 2.0.1¶
Version 2.0.1 of the Splunk Add-on for Infoblox was released on April 19, 2021.
Compatibility¶
Version 2.0.1 of the Splunk Add-on for Infoblox is compatible with the following software, CIM versions, and platforms.
| Component | Description |
|---|---|
| Splunk platform versions | 7.2.x, 7.3.x, 8.0.x, 8.1.x |
| CIM | 4.17 |
| Platforms | Platform independent |
| Vendor Products | NIOS 8.4.x |
Note
The field alias functionality is compatible with the current version of this add-on. The current version of this add-on does not support older field alias configurations.
For more information about the field alias configuration change, see the Splunk Enterprise Release Notes.
New features¶
Version 2.0.1 of the Splunk Add-on for Infoblox contains the following new features:
- Added
dhcpCIM tag for theDHCPACKandDHCPRELEASEevents
Fixed issues¶
Version 2.0.1 of the Splunk Add-on for Infoblox fixes the following issues:
Known issues¶
Version 2.0.1 of the Splunk Add-on for Infoblox has the following known issues. If no issues appear on this page, no issues have yet been reported:
Version 2.0.0¶
Version 2.0.0 of the Splunk Add-on for Infoblox was released on October 20, 2020.
Compatibility¶
Version 2.0.0 of the Splunk Add-on for Infoblox is compatible with the following software, CIM versions, and platforms.
| Component | Description |
|---|---|
| Splunk platform versions | 7.2.x, 7.3.x, 8.0.x |
| CIM | 4.17 |
| Platforms | Platform independent |
| Vendor Products | NIOS 8.4.x |
Note
The field alias functionality is compatible with the current version of this add-on. The current version of this add-on does not support older field alias configurations.
For more information about the field alias configuration change, see the Splunk Enterprise Release Notes.
New features¶
Version 2.0.0 of the Splunk Add-on for Infoblox contains the following new features:
- Support for Infoblox NIOS v8.4.4.
- Support for Splunk Connect for Syslog.
- Audit logs support for Infoblox NIOS version 8.4.4
- The following Common Information Model (CIM) compatibility enhancements:
- Improved event type definition to map events to the CIM data models.
- Removed the
dest_categoryandsrc_categoryfield extraction from the DHCP events since these fields are automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. - Replaced
src,src_ip,src_macandsrc_nt_hostfields withdest,dest_ip,dest_mac, anddest_nt_hostfields respectively for the DHCP events.src*fields are not applicable to DHCP events. -
Updated action field extraction for the following DHCP events:
DHCP Event Action value Description DHCPACK added The DHCPACK event notifies that the client is added to the network. DHCPRELEASE blocked A client to server message. Indicates that the client gives up use of the network address and cancels the remaining time on the lease. DHCPNAK blocked A server to client negative acknowledgment. Indicates that the client’s understanding of the network address is incorrect (for example, if the client has moved to a new subnet), or a client’s lease has expired.
Fixed issues¶
Version 2.0.0 of the Splunk Add-on for Infoblox fixes the following issues:
Known issues¶
Version 2.0.0 of the Splunk Add-on for Infoblox has the following known issues. If no issues appear on this page, no issues have yet been reported:
Version 1.1.0¶
Version 1.1.0 of the Splunk Add-on for Infoblox was released on November 2, 2018.
Compatibility¶
Version 1.1.0 of the Splunk Add-on for Infoblox is compatible with the following software, CIM versions, and platforms.
| Component | Description |
|---|---|
| Splunk platform versions | 6.6.x, 7.0.x, 7.1.x, 7.2, 8.0 |
| CIM | 4.11 |
| Platforms | Platform independent |
| Vendor Products | NIOS 6.10, NIOS 8.x |
New features¶
- Support for the NIOS 8.x log format
- The new sourcetype
infoblox:threatprotectsupports the threat-protect event log of NIOS-8.x - Existing sourcetype
infoblox:dnsnow supports RPZ QNAME messages
Fixed issues¶
Version 1.1.0 of the Splunk Add-on for Infoblox fixes the following issues:
Known issues¶
Version 1.1.0 of the Splunk Add-on for Infoblox has the following known issues. If no issues appear on this page, no issues have yet been reported:
Version 1.0.2¶
| Component | Description |
|---|---|
| Splunk platform versions | 6.3 or later |
| CIM | 4.3 or later |
| Platforms | Platform independent |
| Vendor Products | Infloblox NIOS 6.10 |
Fixed issues¶
Version 1.0.2 of the Splunk Add-on for Infoblox fixes the following issues.
Known issues¶
Version 1.0.2 of the Splunk Add-on for Infoblox contains no known issues.
Version 1.0.1¶
Version 1.0.1 of the Splunk Add-on for Infoblox has the same compatibility specifications as version 1.0.2.
Fixed issues¶
Version 1.0.1 of the Splunk Add-on for Infoblox fixes the following issues:
Known issues¶
Version 1.0.1 of the Splunk Add-on for Infoblox contains no known issues.
Version 1.0.0¶
Version 1.0.0 of the Splunk Add-on for Infoblox has the same compatibility specifications as version 1.0.1.
New features¶
Version 1.0.0 of the Splunk Add-on for Infoblox had the following new features.
- Create a new add-on for Infoblox NIOS.
Known issues¶
Version 1.0.0 of the Splunk Add-on for Infoblox contains no known issues.