Skip to content

Latest commit

 

History

History
1403 lines (972 loc) · 43.6 KB

CHANGELOG.md

File metadata and controls

1403 lines (972 loc) · 43.6 KB
Raw

Changelog

⚠️DEPRECATION NOTICE
We are no longer releasing Debian images on Docker Hub as of May 2021 (Splunk Enterprise v8.2.0+). Red Hat images will continue to be published.

Navigation

9.2.1

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Docs updated
  • Bugfixes

9.2.0.1

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Docs updated
  • Bugfixes

9.2.0

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Docs updated
  • Bugfixes

9.1.4

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Docs updated
  • Bugfixes

9.1.3-patch1

What's New?

  • Install busybox 1.36.1 for remediation of CVE-2022-28391 and CVE-2022-30065

docker-splunk changes:

splunk-ansible changes:

  • Docs updated
  • Bugfixes

9.1.3

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Docs updated
  • Bugfixes

9.1.2

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Docs updated
  • Bugfixes

9.1.1

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Docs updated

9.1.0.2

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Docs updated

9.1.0.1

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Docs updated

9.0.9

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

9.0.8

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

9.0.7

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

9.0.6

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

9.0.5.1

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Docs updated

9.0.5

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes
  • Increase timeout for Splunk process to be up and running

9.0.4.1

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes

9.0.4

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes

9.0.2

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes

9.0.1

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes

9.0.0.1

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes

9.0.0

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Patch support for new major Splunk release
  • Documentation updates + bugfixes

8.2.12

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

8.2.11

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

8.2.10

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

8.2.9

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes

8.2.8

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes

8.2.7

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes

8.2.6

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes

8.2.5

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes

8.2.4

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes

8.2.3.3

What's New?

8.2.3.2

What's New?

8.2.3

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes

8.2.2

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Support for installing apps directly to a given path using app_paths_install. See our documentation for details.

8.2.1

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 8.2.1
  • Updated teardown for more graceful shutdown
  • Bugfixes and documentation updates

splunk-ansible changes:

  • Added support for installing apps locally on a Cluster Manager or Deployer instance using apps_location_local

8.2.0

What's New?

  • Releasing new images to support Splunk Enterprise release.
  • Deprecated Debian image releases. Red Hat images will continue to be published to Docker Hub and the Red Hat Container Catalog.

docker-splunk changes:

  • Bumping Splunk version. For details, see Release Notes for 8.2.0
  • Switched Python integrity check from MD5 checksum to GPG signature

splunk-ansible changes:

  • Added support for setting clientName in deploymentclient.conf
    • splunk.deployment_client.name in default.yml
    • SPLUNK_DEPLOYMENT_CLIENT_NAME environment variable

8.1.14

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

8.1.13

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

8.1.12

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bump version tag.

8.1.11

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bump version tag.

8.1.10

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bump version tag.

8.1.7.1

What's New?

Changes

8.1.9

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 8.1.9
  • Bundling in changes to be consistent with the release of 8.2.5

Changes

8.1.8

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 8.1.8
  • Bundling in changes to be consistent with the release of 8.2.4

Changes

8.1.7

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 8.1.7
  • Bundling in changes to be consistent with the release of 8.2.3

Changes

8.1.6

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 8.1.6
  • Bundling in changes to be consistent with the release of 8.2.2

Changes

8.1.5

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 8.1.5
  • Bundling in changes to be consistent with the release of 8.2.1

Changes

8.1.4

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 8.1.4
  • Bundling in changes to be consistent with the release of 8.2.0

Changes

8.1.3

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes
  • Documentation and CI updates

8.1.2

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 8.1.2
  • Updated Red Hat and Debian base images to only use Python 3
  • Switched vulnerability scanner from Clair to Trivy + Anchore
  • Bugfixes and documentation updates

splunk-ansible changes:

  • Bugfixes and documentation updates

8.1.1

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 8.1.1
  • CI pipeline refactor + optimizations
  • Bugfixes

splunk-ansible changes:

  • Fetches peer node data for DMC
  • Bugfixes and documentation updates

8.1.0.1

What's New?

  • Releasing new images to support Splunk Enterprise maintenance patch.

docker-splunk changes:

splunk-ansible changes:

  • Bugfixes and cleanup

8.1.0

What's New?

  • Releasing new images to support Splunk Enterprise release.

docker-splunk changes:

splunk-ansible changes:

  • Added environment variables to configure HTTPS on Splunkd. See Supported environment variables for details.
    • SPLUNKD_SSL_ prefixed environment variables
    • splunk.ssl section in default.yml
  • Enabled multisite for the splunk_monitor role
  • Enabled local indexing on the license master
  • Bugfixes and cleanup

8.0.10

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 8.0.10
  • Bundling in changes to be consistent with the release of 8.2.1

Changes

8.0.9

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 8.0.9
  • Bundling in changes to be consistent with the release of 8.2.0

Changes

8.0.8

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 8.0.8
  • Bundling in changes to be consistent with the release of 8.1.1

Changes

8.0.7

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 8.0.7
  • Bundling in changes to be consistent with the release of 8.1.0

Changes

8.0.6.1

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 8.0.6.1
  • Bundling in changes to be consistent with the release of 8.1.1

Changes

8.0.6

What's New?

  • Releasing new images to support Splunk Enterprise maintenance patch.

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 8.0.6
  • Test rewrite for parallelization
  • Decoupled etc backup directory from SPLUNK_HOME
  • Added tests and documentation for new features

splunk-ansible changes:

  • Support for declarative admin password, enabling password updates and rotations. splunk.password will always be the password for the admin user and changes to splunk.password will drive password reconciliation.
  • Added flag to disable pop-ups and new user tour
  • Fixed default variable propagation order

8.0.5.1

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 8.0.5.1
  • Bundling in changes to be consistent with the release of 8.0.6

Changes

8.0.5

What's New?

  • Releasing new images to support Splunk Enterprise maintenance patch.

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 8.0.5
  • Support for Splunk Cloud
  • Added tests and documentation for new features

splunk-ansible changes:

  • Support for Splunk Enterprise Security (ES)
  • Added a role for the Distributed Monitoring Console (DMC)
  • Support for forwarding from the Splunk Data Stream Processor (DSP)
  • splunk.license_master_url now allows scheme and port to be set along with the protocol

8.0.4.1

What's New?

  • Releasing new images to support Splunk Enterprise maintenance patch.

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 8.0.4.1
  • Additional tests and documentation for new features
  • Updated RH8 packages per GCR image vulnerability scan

splunk-ansible changes:

  • Support for setting the deployer push mode to control how apps are bundled and distributed to cluster members:
    • shc.deployer_push_mode in default.yml
  • Added the config variable auxiliary_cluster_masters to support enabling a search head to search across multiple indexer clusters. See Multi-Cluster Search for details on configuration.
  • Documentation on executing splunk-ansible remotely, through a controller node such as Ansible Tower/AWX
  • Set custom Splunkd connection timeout using either:
    • splunk.connection_timeout in default.yml
    • SPLUNK_CONNECTION_TIMEOUT environment variable

8.0.4

What's New?

  • Releasing new images to support Splunk Enterprise maintenance patch.

docker-splunk changes:

splunk-ansible changes:

  • Support for custom SSL certificates for the Splunkd management endpoint
  • Support for custom ports for Splunk Application Server and App KV Store using:
    • splunk.appserver.port, splunk.kvstore.port in default.yml
    • SPLUNK_APPSERVER_PORT, SPLUNK_KVSTORE_PORT environment variables
  • Java installation through default.yml with java_download_url, java_update_version, and java_version
  • Support for Windows+AWS deployments for Splunk v7.2 and v7.3
  • Set pass4SymmKey for indexer discovery separately from pass4SymmKey for indexer clustering with:
    • splunk.idxc.discoveryPass4SymmKey in default.yml
    • SPLUNK_IDXC_DISCOVERYPASS4SYMMKEY environment variable

8.0.3

What's New?

  • Releasing new images to support Splunk Enterprise maintenance patch.

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 8.0.3
  • Limited ansible-playbook to localhost only
  • Updated tests and documentation

splunk-ansible changes:

  • Added support for custom SSL certificates for the HEC endpoint
  • Added support for Java installations on Red Hat and CentOS
  • Updated defaults for service_name
  • Switched splunk.conf in default.yml from a dictionary mapping to an array-based scheme. The change is backwards compatible but moving to the new array-based type is highly recommended as the new standard.
  • In S2S configuration, revised Splunk restart trigger to occur only when splunktcp has changed and Splunk is running
  • Refactored how apps are copied and disabled
  • Bugfix for supporting empty stanzas in config files

8.0.2.1

What's New?

  • Releasing new images to support Splunk Enterprise maintenance patch.

docker-splunk changes:

splunk-ansible changes:

  • Added support for reading SPLUNK_PASSWORD from a file
  • License master and cluster master URLs are now also configurable in the default.yml config, as well as with the LICENSE_MASTER_URL and CLUSTER_MASTER_URL environment variables
  • Added support for auto-detecting the service_name for SplunkForwarder and allowing manual configuration with splunk.service_name
  • All HEC related variables were revised to follow a nested dict format in default.yml, i.e. splunk.hec_enableSSL is now splunk.hec.ssl. See the Provision HEC example in the docs.

8.0.2

What's New?

  • New Splunk Enterprise release of 8.0.2

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 8.0.2
  • Bugfixes and increasing test coverage for new features

splunk-ansible changes:

  • Revised Splunk forwarding/receiving plays to optionally support SSL (see documentation on securing data from forwarders)
  • Initial support for forwarder management using Splunk Monitoring Console
  • New environment variables exposed to control replication/search factor for clusters, key/value pairs written to splunk-launch.conf, and replacing default security key (pass4SymmKey)

NOTE Changes made to support new features may break backwards-compatibility with former versions of the default.yml schema. This was deemed necessary for maintainability and extensibility for these additional features requested by the community. While we do test and make an effort to support previous schemas, it is strongly advised to regenerate the default.yml if you plan on upgrading to this version.

DEPRECATION WARNING As mentioned in the changelog, the environment variables SPLUNK_SHC_SECRET and SPLUNK_IDXC_SECRET will now be replaced by SPLUNK_SHC_PASS4SYMMKEY and SPLUNK_IDXC_PASS4SYMMKEY respectively. Both are currently supported and will be mapped to the same setting now, but in the future we will likely remove both SPLUNK_SHC_SECRET and SPLUNK_IDXC_SECRET

8.0.1

What's New?

  • New Splunk Enterprise release of 8.0.1

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 8.0.1
  • Bugfixes and increasing test coverage for new features

splunk-ansible changes:

  • Service name fixes for AWS

  • Bugfixes around forwarding and SHC-readiness

  • Additional options to control SmartStore configuration

    NOTE If you are currently using SmartStore, this change does break backwards-compatibility with former versions of the default.yml schema. This was necessary to expose the additional features asked for by the community. Please regenerate the default.yml if you plan on upgrading to this version.

8.0.0

What's New?

  • New Splunk Enterprise release of 8.0.0

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 8.0.0
  • Reduced base image size due to package management inflation
  • Additional Python 2/Python 3 compatibility changes

splunk-ansible changes:

  • Increasing delay intervals to better handle different platforms
  • Adding vars needed for Ansible Galaxy
  • Bugfix for pre-playbook tasks not supporting URLs

7.3.9

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 7.3.9
  • Bundling in changes to be consistent with the release of 8.1.2

Changes

7.3.8

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 7.3.8
  • Bundling in changes to be consistent with the release of 8.1.0.1

Changes

7.3.7

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 7.3.7
  • Bundling in changes to be consistent with the release of 8.0.5

Changes

7.3.6

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 7.3.6
  • Bundling in changes to be consistent with the release of 8.0.4.1

Changes

7.3.5

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 7.3.5
  • Bundling in changes to be consistent with the release of 8.0.2.1

Changes

7.3.4.2

What's New?

Changes

7.3.4

What's New?

  • New Splunk Enterprise maintenance patch. For details, see Fixed issues for 7.3.4
  • Bundling in changes to be consistent with the release of 8.0.1

Changes

7.3.3

What's New?

  • New Splunk Enterprise release of 7.3.3

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 7.3.3
  • Better management of deployment server apps
  • Support for variety of Splunk package types
  • Bugfixes around app installation

splunk-ansible changes:

  • Removing unnecessary apps in distributed ITSI installations
  • Partitioning apps in serverclass.conf when using the deployment server
  • Adding support for activating Splunk Free license on boot
  • Support for cluster labels via environment variables
  • Bugfixes around app installation (through default.yml and pathing)

7.3.2

What's New?

  • New Splunk Enterprise release of 7.3.2

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 7.3.2
  • Support for Redhat 8 UF on s390x
  • Various bugfixes

splunk-ansible changes:

  • Python 2 and Python 3 cross compatibility support
  • Support SPLUNK_SECRET as an environment variable
  • Prevent double-installation issue when SPLUNK_BUILD_URL is supplied
  • Various bugfixes

7.3.1

What's New?

  • New Splunk Enterprise release of 7.3.1

docker-splunk changes:

splunk-ansible changes:

  • Fixed Enterprise Security application installation issues
  • Refactored Systemd
  • Fixed Ansible formatting issue
  • Cleaned up Python files before install

7.3.0

What's New?

  • Adding base debian-10 and redhat-8 platform
  • Changing default splunk/splunk from debian-9 to debian-10 for enhanced security
  • Overarching changes to build structure to support multi-stage builds for various consumers

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 7.3.0
  • Changing default splunk/splunk from debian-9 to debian-10 for enhanced security
  • Overarching changes to build structure to support multi-stage builds for various consumers
  • Minor documentation changes

splunk-ansible changes:

  • Adding ability to dynamically change SPLUNK_ROOT_ENDPOINT at start-up time
  • Adding ability to dynamically change SplunkWeb HTTP port at start-up time
  • Modified manner in which deployment server installs + distributes app bundles
  • More multi-site functionality
  • Support for Cygwin-based Windows environments
  • Minor documentation changes

7.2.10.1

What's New?

Changes

7.2.10

What's New?

Changes

7.2.9

What's New?

  • Releasing new images to support Splunk Enterprise maintenance patch. For details, see Fixed issues for 7.2.9
  • Bundling in changes to be consistent with the release of 8.0.0

Changes

7.2.8

What's New?

Nothing - releasing new images to support Splunk Enterprise maintenance patch.

docker-splunk changes:

splunk-ansible changes:

  • Nothing - releasing new images to support Splunk Enterprise maintenance patch

7.2.7

What's New?

  • Adding base debian-10 and redhat-8 platform
  • Changing default splunk/splunk from debian-9 to debian-10 for enhanced security
  • Overarching changes to build structure to support multi-stage builds for various consumers

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 7.2.7
  • Changing default splunk/splunk from debian-9 to debian-10 for enhanced security
  • Overarching changes to build structure to support multi-stage builds for various consumers
  • Minor documentation changes

splunk-ansible changes:

  • Adding ability to dynamically change SPLUNK_ROOT_ENDPOINT at start-up time
  • Adding ability to dynamically change SplunkWeb HTTP port at start-up time
  • Modified manner in which deployment server installs + distributes app bundles
  • More multi-site functionality
  • Support for Cygwin-based Windows environments
  • Minor documentation changes

7.2.6

What's New?

Nothing - releasing new images to support Splunk Enterprise maintenance patch.

docker-splunk changes:

splunk-ansible changes:

  • Nothing - releasing new images to support Splunk Enterprise maintenance patch

7.2.5.1

What's New?

Nothing - releasing new images to support Splunk Enterprise maintenance patch.

docker-splunk changes:

splunk-ansible changes:

  • Nothing - releasing new images to support Splunk Enterprise maintenance patch

7.2.5

What's New?

  • Introducing multi-site to the party
  • Added splunk_deployment_server role
  • Minor bugfixes

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 7.2.5
  • Documentation overhaul
  • Adding initial framework to support multi-site deployments
  • Removing built-in Docker stats app for Splunk Universal Forwarder due to lack of use and violation of permission model

splunk-ansible changes:

  • Adding support for splunk_deployment_server role
  • Adding initial framework to support multi-site deployments
  • Small refactor of upgrade logic
  • Ansible syntactic sugar and playbook clean-up
  • Documentation overhaul
  • Adding CircleCI to support automated regression testing

7.2.4

What's New?

  • Support for Java installation in standalones and search heads
  • Hardening of asynchronous SHC bootstrapping procedures
  • App installation across all topologies
  • Adding CircleCI to support automated regression testing
  • Minor bugfixes

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 7.2.4
  • Adding Clair scanner for automated security scanning
  • Adding CircleCI to support automated regression testing
  • Minor documentation changes

splunk-ansible changes:

  • Changing replication port from 4001 to 9887 for PS and field best practices
  • Adding support for multiple licenses via URL and filepath globs
  • Adding support for java installation
  • Hardening SHC-readiness during provisioning due to large-scale deployment synchronization issues
  • Extracting out admin username to be dynamic and flexible and enabling it to be user-defined
  • App installation support for distributed topologies (SHC, IDXC, etc.) and some primitive premium app support
  • Supporting Splunk restart only when required (via Splunk internal restart_required check)
  • Minor documentation changes

7.2.3

What's New?

Nothing - releasing new images to support Splunk Enterprise maintenance patch.

docker-splunk changes:

splunk-ansible changes:

  • Nothing - releasing new images to support Splunk Enterprise maintenance patch

7.2.2

What's New?

  • Permission model refactor
  • Minor bugfixes

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 7.2.2
  • Adding base centos-7 platform
  • Packages added to all base platforms: acl and ping
  • Minor documentation changes
  • Significant permission model refactor such that splunkd will be run under the splunk:splunk user/group and the ansible-playbook setup will be run under ansible:ansible user/group
  • Introducing new environment variable CONTAINER_ARTIFACT_DIR for various artifacts

splunk-ansible changes:

  • Writing ansible logs to container artifact directory
  • Adding templates for various OS/distributions to define default default.yml settings
  • Adding no_log to prevent password exposure
  • Support new permission model with become/become_user elevation/de-elevation when interacting with splunkd
  • Support for out-of-the-box SSL-enabled SplunkWeb
  • Adding ability to generate any configuration file in $SPLUNK_HOME/etc/system/local
  • Introducing user-defined pre- and post- playbook hooks that can run before and after (respectively) site.yml
  • Minor documentation changes

7.2.1

What's New?

  • Initial SmartStore support
  • App installation for direct URL link, local tarball, and from SplunkBase for standalone and forwarder

docker-splunk changes:

  • Bumping Splunk version. For details, see Fixed issues for 7.2.1
  • Adding python-requests to base Docker image
  • Adding app installation features (direct link, local tarball, and SplunkBase)
  • Minor documentation changes

splunk-ansible changes:

  • Minor documentation changes
  • Introducing support for SmartStore and index creation via defaults.yml
  • Checks for first-time run to drive idempotency
  • Adding capability to enable boot-start of splunkd as a service
  • Support for user-defined splunk.secret file
  • Adding app installation features (direct link, local tarball, and SplunkBase)
  • Fixing bug where HEC receiving was not enabled on various Splunk roles
  • Ansible syntactic sugar and playbook clean-up
  • Minor documentation changes

7.2.0

What's New?

Everything :)

docker-splunk changes:

  • Initial release!
  • Support for Splunk Enterprise and Splunk Universal Forwarder deployments on Docker
  • Supporting standalone and distributed topologies

splunk-ansible changes:

  • Initial release!
  • Support for Splunk Enterprise and Splunk Universal Forwarder deployments on Docker
  • Supporting standalone and distributed topologies