All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Does Splunk for MS AD Objects 3.2.9 work on Splunk Enterprise 8.0.x?

napomokoetle
Communicator
‎05-14-2020 02:31 AM

Hi,

Has anyone run the MS Windows AD Objects version 3.2.9 APP on Splunk Enterprise 8.0.x?
If so, how was your experience... did you get it to work... did you have to do anything special to get it working?

Any one know when might a version of the APP compatible with Splunk Enterprise 8.0.x be available?

Thanks in advance for your feedback.

0 Karma
Reply

shogan_splunk
Splunk Employee
Splunk Employee
‎08-27-2020 04:46 AM

Fyi, I just released an Update, version 4.0.3 that now fully supports Splunk Version 8.x.   Although 3.2.9 would work, the dashboards with the tabs had issues.   

FYI, Version 4.0.3 has a lot of changes, with the biggest part consisting of now using the KVstore vs csv lookups.   This was needed for scalability purposes, but does greatly improve performance with synchronizing the lookups (ie applying diffs vs full rebuilds) and with performing lookups (Ex. ...| lookup lookup_usr AS src_user OUTPUT cn AS Admin_User).   I also now use macro's for pointing to the indexes, instead of eventtypes.   

If you are upgrading, or doing a new install, you will need to walk through the Configuration - Getting Data In dashboard to verify/update the appropriate macros and migrate/build the new kvstore lookups.  

Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Mission Control | Explore the latest release of Splunk Mission Control (2.3)

We’re happy to announce the release of Mission Control 2.3 which includes several new and exciting features ...

Cloud Platform | Migrating your Splunk Cloud deployment to Python 3.7

Python 2.7, the last release of Python 2, reached End of Life back on January 1, 2020. As part of our larger ...

Splunk Observability Cloud | Enhancing Your Onboarding Experience with the ...

We understand that your initial experience with getting data into Splunk Observability Cloud is crucial as it ...