Convenience and performance have been improved with features such as Python 3.7 support and workload management!
Splunk Enterprise 8.0 Key Additions
今回リリースされた「Splunk Enterprise 8.0」では、下記の機能が追加されています。
Python 3.7 support
- Python 3.7 is now supported in Splunk Enterprise 8.0.
-
- On January 1, 2020, the Python Software Foundation will end support for the Python 2.x series.
- Due to the above, Splunk Enterprise 8.0 has migrated the affected functions to Python 3.7.
- Splunk Enterprise 8.0 includes the Python 2.7 and 3.7 runtimes, but future releases of Splunk Enterprise will no longer include the Python 2.7 runtime.
Workload management enhancements
- It is now possible to extend the functionality of workload rules and specify schedules and actions.
-
- The following has been added to the Predicate (condition specification) types when creating workload rules.
・search_type, search_mode, search_time_range, runtime - It is now possible to specify a schedule and an action in addition to the Predicate (condition specification) when creating a workload rule.
- By specifying a schedule for a workload rule, you can set an expiration date for the rule.
・Schedule setting is not a required item but an optional setting. - By specifying actions in workload rules, you can perform specific actions when the conditions in the rule are met.
・Example) Stop (kill) the search process
・Example) Display a message, etc.
- The following has been added to the Predicate (condition specification) types when creating workload rules.
Analytics (Metrics) Workspace Extensions
- The metric workspace function has been renamed and the visualization function has been expanded.
-
- The Metric Workspace feature has been renamed to the Analytics Workspace feature.
- Visualization functions such as Area, Column, etc. have been expanded in addition to Line chart types.
- Custom specification of the time range is now possible.
Monitoring console enhancements (New Health Check)
- A summary page has been added to the monitoring console where you can check the health status.
-
- You can check the status and the health of each site and configuration on the summary page.
- If any signs of anomalies are found on the summary page, you can notify them in the following ways.
・Splunk Mobile (IOS App)
・E-mail
・Webhook
Enhanced security with support for token authentication
- Support for authentication tokens for SAML users for REST API and CLI.
-
- Support for token authentication enables more secure authentication.
- Authentication by token is disabled by default.
- If you want to enable it, you can enable it from "Settings -> Users and Authentication -> Tokens".