Splunk Enterprise Security

Splunk ES and CIM compatibility for upgrade?

spectrum2035
Explorer

Hello,

We would like to use the latest CIM version (4.13.0) in order to use the Endpoint datamodel which is not available in the earlier CIM version.

Our Splunk ES is on 5.1.0 with CIM (4.11.0).

If I upgrade CIM without upgrading the Splunk ES, will that be an issue?

Labels (1)
0 Karma
1 Solution

amitm05
Builder

I think your CIM compatibility has to be with Splunk Versions which needs to be 7.2 OR 7.1 for CIM 4.13.

And then your ES App also has to be compatible with Splunk Versions which in your case is -
5.1 (ES) which goes with 7.1 OR 7.2.

So, your CIM and ES App would be compatible to each other.
You can refer the compatible versions of CIM, ES App and Splunk from here -
https://splunkbase.splunk.com/app/263/

Please accept as answer if this responds to your query, Thanks.

View solution in original post

pellegrini
Path Finder

The release note of ES lists the preferred CIM version. For ES there is no longer any info about supported CIM versions in Splunkbase.

https://docs.splunk.com/Documentation/ES/7.0.1/RN/Enhancements#Updated_add-ons

0 Karma

amitm05
Builder

I think your CIM compatibility has to be with Splunk Versions which needs to be 7.2 OR 7.1 for CIM 4.13.

And then your ES App also has to be compatible with Splunk Versions which in your case is -
5.1 (ES) which goes with 7.1 OR 7.2.

So, your CIM and ES App would be compatible to each other.
You can refer the compatible versions of CIM, ES App and Splunk from here -
https://splunkbase.splunk.com/app/263/

Please accept as answer if this responds to your query, Thanks.

spectrum2035
Explorer

Thanks amitm05

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...