Windows Server 2016 removed as of Universal Forwar...

WL8on · ‎07-31-2024

Why was Windows Server 2016 removed from Splunk Universal Forwarder as of v9.3 (7/30/2024), when Windows Server 2016 is still under extended support until 2027?

WL8on · ‎07-31-2024

So will v9.2.2 of Splunk Universal Forwarder be updated to close future vulnerabilities between now and the end of Windows Server 2016 extended maintenance? If so, how will Windows Server 2016 clients be notified of the alternate stream updates?

PickleRick · ‎07-31-2024

Patching vulnerabilities is a bit different thing than support levels but I would expect Splunk to provide vulnerability fixes during the support period as it has so far (i.e. 9.1.5 was released Jul 1 this year). One correction - support period counts from the 9.2.0 release date, not 9.2.2

EDIT: Just so that we're clear - I'm in no way affiliated with Splunk Inc. and this is just my personal view and prediction. If you want an official Splunk standing, ask your sales representative or support.

PickleRick · ‎07-31-2024

Version 9.2.2 was released on July 1, 2024

That means it's supported "fully" for 24 months since release date and for 36 additional moths at P3 level.

https://www.splunk.com/en_us/legal/splunk-software-support-policy.html

Windows Server 2016 removed as of Universal Forward 9.3

forwarder management

Preparing your Splunk Environment for OpenSSL3

Unleash Unified Security and Observability with Splunk Cloud Platform

Splunk AppDynamics with Cisco Secure Application