Skip to main content

Changelog and Release Notes

Version 6.2.2

Bugfixes

  • Drivers (Windows) [I607]: MD5, SHA1, and SHA256 hashes were often incorrect.
  • Licensing [I597]: tenant name is now optional when performing license checks of Azure AD joined machines.
  • Service (Windows) [I531]: high read count from the file system cache for network service name lookups when Activity Monitoring was enabled.

Release notes

  • Dashboards [B664]: updated the Splunk SDK for Python to version 1.6.18.

Known issues

  • Application errors (macOS): crash report collection is not yet supported on macOS Monterey or newer. It is supported on macOS Catalina and macOS BigSur.
  • Boot duration (Windows): the metrics TotalBootTimeMs, MainPathBootTimeMs and PostBootTimeMs cannot be determined for every system boot.
  • Browsers/IE add-on (Windows): metrics are not collected on page reload.
  • Browsers/IE add-on (Windows): metrics are collected incompletely for the configured start page.
  • Browsers/IE add-on (Windows) monitoring does not work if IE is published from Citrix Virtual Apps. It does work from Citrix Virtual Desktops, however.
  • Citrix ADC: in very rare cases the content of the Virtual Server Performance field vServerName contains spaces in wrong places.
  • Citrix site monitoring (Windows): data collection issue if the Citrix Remote Powershell SDK (required for Citrix Cloud monitoring) is installed on a CVAD controller.
  • Citrix XA/XD Machines (Windows): when running the Citrix VDA on a Citrix Delivery Controller, some per-machine information is missing.
  • Experience score [I377]: scheduled searches generate three warnings in Splunk’s _internal index every 30 minutes. The messages look like the following: DateParserVerbose - Failed to parse timestamp in first MAX_TIMESTAMP_LOOKAHEAD (128) characters of event.. However, there is no impact on uberAgent’s functionality.
  • GPU (Windows) [I33]: values for the fields ComputeUsagePercentAllEngines, ComputeUsagePercentEngine0 and similar can be higher than 100 with Intel Iris GPUs on Windows Server 2016 1607.
  • Kafka [I291]: in rare cases sending data to Kafka results in a SEC_E_BUFFER_TOO_SMALL error message in the logfile. This should have no affect; the transmission is repeated and succeeds on the second try.
  • NetworkTargetPerformance (macOS) [I550]: in rare cases the values for NetTargetSendJitterMs, NetTargetSendLatencyMs and NetTargetSendLatencyInitialMs can be calculated incorrectly which leads to huge values.
  • Performance [I372] (macOS): running uberAgent has a noticeable impact on I/O performance of small writes. If the config flag DisableESFileSystemMonitoring is enabled, performance is not impacted, but the fields ProcIOWriteCount and ProcIOPSWrite are not available in uberAgent:Process:ProcessDetail.
  • Update inventory (Windows): not all installed Windows updates may be reported due to API limitations.
  • Volume inventory (macOS): the encryption status of mounted read-only APFS snapshots may not be reported due to API limitations. This includes the root directory volume in a default installation of macOS.
  • Crash reports (macOS) [I608]: the field FaultOffset in the sourcetype uberAgent:Application:Errors is erroneously sent as an absoulte address instead of an offset relative to the base image address.
  • Crash reports (macOS) [I600]: events with the sourcetype uberAgent:Application:Errors are sent with the timestamp of the detection of a crash, not the timestamp of crash itself.

Comments

Your email address will not be published. Required fields are marked *