Skip to content

Release notes for the Splunk Add-on for Unix and Linux

Version 10.2.0 of the Splunk Add-on for Unix and Linux was released .

Compatibility

Version 10.2.0 of the Splunk Add-on for Unix and Linux is compatible with the following software, CIM versions, and platforms:
Splunk platform versions 9.3.x, 9.4.x, 10.x
CIM 6.2.0
Supported OS for data collection All supported Unix operating systems. See Unix operating systems.
Vendor products All supported Unix operating systems. See Unix operating systems.

See the Scripted input reference for the Splunk Add-on for Unix and Linux page in the Reference chapter of this manual to learn more about scripted inputs and their operating system compatibility.

Note

The field alias functionality is compatible with the current version of this add-on. The current version of this add-on does not support older field alias configurations.

For more information about the field alias configuration change, refer to the Splunk Enterprise Release Notes.

New features

Version 10.2.0 of the Splunk Add-on for Unix and Linux has the following new features:

  • Added support for the following newer operating system versions:
    • MacOS 15.6.1
    • RHEL 10
    • OEL 10
    • RockyLinux 10
    • AlmaLinux 10
    • FreeBDS 14.3
  • Enhanced the ps.sh and ps_metric.sh to include username with 32 chars length in the output
  • Enhanced process_name field extraction in sourcetype=ps to extract the name of the process only
  • Fixed issue where simultaneous execution of hardware.sh, vmstat.sh, and vmstat_metrics.sh caused log overwrites due to a shared error log file in hardware.sh
  • Updated nfsiostat.sh to make it compatible with latest OS versions
  • To resolve the issue of missing searches in LISPY creation, the search time fields extractions of the following sourcetypes was updated and enhanced:
    • syslog
    • linux_secure
    • aix_secure
    • osx_secure
  • Added support of CIM v6.2.0
    • Added session_id CIM field extraction in Authentication data model for sourcetype linux_audit

Fixed issues

Version 10.2.0 of the Splunk Add-on for Unix and Linux has the following known issues. If no issues appear here, no issues have yet been reported:

Known issues

Version 10.2.0 of the Splunk Add-on for Unix and Linux has the following known issues. If no issues appear here, no issues have yet been reported:

Third-party software attributions

The Splunk Add-on for Unix and Linux does not use third-party software or libraries.