Skip to main content

Changelog and Release Notes

Version 6.2.3

Note: in this release, only the UXM and ESA Splunk dashboard apps were updated. The Windows and macOS endpoint agents were not changed compared to 6.2.2 (except for the version number increment).

Bugfixes

  • Dashboards [I601]: reimplemented custom single value visualization to fix JavaScript error in Splunk Cloud.
  • Dashboards [I598]: fixed a custom JavaScript error on the Machine Storage dashboard.

Known issues

  • Application errors (macOS): crash report collection is not yet supported on macOS Monterey or newer. It is supported on macOS Catalina and macOS BigSur.
  • Boot duration (Windows): the metrics TotalBootTimeMs, MainPathBootTimeMs and PostBootTimeMs cannot be determined for every system boot.
  • Browsers/IE add-on (Windows): metrics are not collected on page reload.
  • Browsers/IE add-on (Windows): metrics are collected incompletely for the configured start page.
  • Browsers/IE add-on (Windows) monitoring does not work if IE is published from Citrix Virtual Apps. It does work from Citrix Virtual Desktops, however.
  • Citrix ADC: in very rare cases the content of the Virtual Server Performance field vServerName contains spaces in wrong places.
  • Citrix site monitoring (Windows): data collection issue if the Citrix Remote Powershell SDK (required for Citrix Cloud monitoring) is installed on a CVAD controller.
  • Citrix XA/XD Machines (Windows): when running the Citrix VDA on a Citrix Delivery Controller, some per-machine information is missing.
  • Experience score [I377]: scheduled searches generate three warnings in Splunk’s _internal index every 30 minutes. The messages look like the following: DateParserVerbose - Failed to parse timestamp in first MAX_TIMESTAMP_LOOKAHEAD (128) characters of event.. However, there is no impact on uberAgent’s functionality.
  • GPU (Windows) [I33]: values for the fields ComputeUsagePercentAllEngines, ComputeUsagePercentEngine0 and similar can be higher than 100 with Intel Iris GPUs on Windows Server 2016 1607.
  • Kafka [I291]: in rare cases sending data to Kafka results in a SEC_E_BUFFER_TOO_SMALL error message in the log file. This should have no effect; the transmission is repeated and succeeds on the second try.
  • NetworkTargetPerformance (macOS) [I550]: in rare cases the values for NetTargetSendJitterMs, NetTargetSendLatencyMs and NetTargetSendLatencyInitialMs can be calculated incorrectly which leads to huge values.
  • Performance [I372] (macOS): running uberAgent has a noticeable impact on I/O performance of small writes. If the config flag DisableESFileSystemMonitoring is enabled, performance is not impacted, but the fields ProcIOWriteCount and ProcIOPSWrite are not available in uberAgent:Process:ProcessDetail.
  • Update inventory (Windows): not all installed Windows updates may be reported due to API limitations.
  • Volume inventory (macOS): the encryption status of mounted read-only APFS snapshots may not be reported due to API limitations. This includes the root directory volume in a default installation of macOS.
  • Crash reports (macOS) [I608]: the field FaultOffset in the sourcetype uberAgent:Application:Errors is erroneously sent as an absoulte address instead of an offset relative to the base image address.
  • Crash reports (macOS) [I600]: events with the sourcetype uberAgent:Application:Errors are sent with the timestamp of the detection of a crash, not the timestamp of crash itself.

Comments

Your email address will not be published. Required fields are marked *