Sideview Utils 2.x and ES 2.4

jasontetlow_esp
Engager

In the documentation it states that ES is not compatible with Sideview Utils versions 2.x.

What specifically are the problems? I've got ES 2.4 installed, and accidentally installed the 2.6.3 version of Sideview Utils... (Looking for the functionality, and didn't see the footnote in the documentation for ES before installing.) I've since looked through the ES dashboards and views and am not seeing any issues... initially.

My question is what exactly are the issues with ES and Sideview Utils 2.x? My take on it (we don't yet have ES tuned as we're still in the first two weeks) is that the time savings with the latest version almost outweigh the benefit of ES. I would like to resolve any issues and/or get an understanding of when the issues will be resolved.

LukeMurphey
Champion

Check the Security Posture dashboard. Some versions of SVU 2.X broke that page (might be fixed now though).

Also, check the multi-select dropdowns; I want to say that those had broken but I'm not sure.

0 Karma

sideview
SplunkTrust

For what it's worth there are no compatibility issues that I know of. Sideview Utils 2.X is backwards compatible with all the features and params of 1.3.X, so 2.6.2 should work fine with Enterprise Security.

All Splunk apps have that same disclaimer but I know that a lot of SoS users and users of other Splunk-owned apps have upgraded to Sideview Utils 2.X without issue. Specific to ES, I remember 6 months ago or more, there was one ES user who had upgraded to Sideview Utils 2.X and he did find and report an incompatibility but it was just a bug and it was fixed in a maintenance release days later. If you see anything that seems off feel free to contact me.

Indeed the improvements from Sideview Utils 1.3 to 2.6.2 are huge: hundreds of bug fixes, new features, new modules, performance improvements, not to mention improved docs and examples.

I think the reason Splunk states that the app is not compatible with Sideview Utils 2.X is because they do not test it with 2.X. The licensing for Sideview Utils changed in 2.X, switching from LGPL to the Sideview Free Internal Use License. The new licensing still allows end-users like yourself to use Sideview Utils here, but if Splunk were to use features and improvements from 2.X in their apps they would have to buy a different license from Sideview. I think Splunk decided not to pursue this licensing for any of their apps, which leaves them only able to develop their apps against the old 1.3.X LGPL versions.

0 Karma