Release notes for the Splunk Add-on for Microsoft Security¶
About this release¶
Version 2.4.1 of the Splunk Add-on for Microsoft Security was released on December 5, 2024. It is compatible with the following software, CIM versions, and platforms.
| Splunk platform versions | 9.1.x, 9.2.x, 9.3.x |
|---|---|
| CIM | 5.3.2 |
| Platforms | Windows, Linux based Operating Systems |
| Vendor Products | Microsoft 365 Defender, Defender for Endpoint, Azure Event Hubs, Microsoft Defender Threat Intelligence |
The field alias functionality is compatible with the current version of this add-on. The current version of this add-on does not support older field alias configurations.
For more information about the field alias configuration change, refer to the Splunk Enterprise Release Notes.
Fixed issues¶
Version 2.4.1 of the Splunk Add-on for Microsoft Security fixes the following issues.
Known issues¶
Version 2.4.1 of the Splunk Add-on for Microsoft Security contains the following known issues.
Third-party software attributions¶
Version 2.4.1 incorporates third-party software attributions for the Splunk Add-on for Microsoft Security.