uberAgent 4.2: Splunk 7.0, Simplified Operations, Elasticsearch Improvements

We are happy to announce the newest version of our user experience and application performance monitoring product. uberAgent 4.2 brings new features and improvements for any kind of device.

For a full list of all improvements and bugfixes please consult the change log. As always, upgrading is highly recommended (instructions).

Splunk 7.0

uberAgent 4.2 adds full support for the latest version 7.0 of Splunk Enterprise and Splunk Cloud.

Central License File Management

Before uberAgent 4.2 license files had to be distributed along with the agent installation package. That was easy in environments with a single master image file, like Citrix PVS. Customers with tens of thousands of laptops, however, found it a lot harder to roll out new licenses to their endpoints.

uberAgent 4.2 greatly simplifies license file management. All you have to do is set up a file share with read permissions for computer accounts, drop your uberAgent license there and configure the share path in uberAgent’s new configuration option LicenseFilePath. Endpoints will periodically check LicenseFilePath for new licenses. If any are found that are not yet cached locally, the new license files are copied to the local license cache directory.

There is no need for the configured license file path to be available all of the time. Endpoints always use the local license cache for license validation. Of course, there is no requirement to set up a central license file path, either. If deploying the license file along with the agent installation package works for you: great, you are all set.

Elasticsearch Improvements

uberAgent 4.2 comes with important improvements for our Elasticsearch customers.


uberAgent now supports X-Pack authentication. This ensures that only validated endpoints can send data to the backend.

Ingest Pipelines

The ability to modify and enrich data before the indexing stage adds a great deal of flexibility to the Elasticsearch platform. Customers can new reference their ingest pipelines from uberAgent so that uberAgent data traverses the pipeline before being indexed.

More Improvements

Custom Scripts

uberAgent’s custom script execution engine, capable of running user-supplied scripts in machine or user context, now supports Elasticsearch as well as Splunk HTTP Event Collector (HEC) backends.

Monitor Inventory

uberAgent’s hardware inventory now collects information about the physical monitors attached to the machine along with their respective resolutions.

About uberAgent

uberAgent is a Windows user experience analytics and application performance monitoring product. Its highlights include detailed information about boot and logon duration (showing why and when boots/logons are slow), application unresponsiveness detection, network reliability drilldowns, process startup duration, application usage metering, browser performance per website and remoting protocol insights.

About vast limits

vast limits GmbH is the company behind uberAgent, the innovative user experience and application performance monitoring product. Our customer list includes organizations from industries like finance, healthcare, professional services and education, ranging from medium-sized businesses to global enterprises. vast limits’ network of qualified solution partners ensures best-in-class service and support anywhere in the world.

Our founder, Helge Klein, is an experienced consultant and developer who architected the user profile management product whose successor is now available as Citrix Profile Management. In 2009 Helge received the Citrix Technology Professional (CTP) award, in 2011 he was nominated a Microsoft Most Valuable Professional (MVP), in 2014 he was a Splunk Revolution Award Winner, in 2015 he became a VMware vExpert. Helge frequently presents at conferences and user group events like Citrix Synergy, Splunk .conf, BriForum or E2EVC.

Leave a Reply

Your email address will not be published. Required fields are marked *