Splunk v9.0 Compatibility
82 views
Skip to first unread message
Matthew Hemker
Sep 9, 2022, 9:19:30 AM9/9/22
to Wazuh mailing list
Good Morning all,
I see the latest version of Splunk that is documented to be compatible with the latest version of Wazuh is 8.2.6.
I realize those who utilize Splunk as an interface to Wazuh are few and far between, but has anyone upgraded to Splunk 9.0? We are wanting to do so soon to patch the recent security vulnerabilities, but need to maintain our Wazuh data ingestion.
Any issues experienced? Any anticipation for Wazuh to formally document it's compatibility for Splunk 9.x?
Thanks,
-Matt
Octavio Valle López
Sep 9, 2022, 12:22:56 PM9/9/22
to Wazuh mailing list
Hi Matthew! I hope you are well!
It is not something that I recommend you do, since we did not perform our release tests with that version and it may have one or more unexpected behaviors.
Although I must admit that within the community there are users who did make this update, but we are unaware of the lack of compatibility against that version.
EX:
https://github.com/wazuh/wazuh-splunk/issues/1352
Apart from this, we don't have a formal update planned yet, as we are making a big focus on wazuh-dashboard and the whole Wazuh stack.
It is not something that I recommend you do, since we did not perform our release tests with that version and it may have one or more unexpected behaviors.
Although I must admit that within the community there are users who did make this update, but we are unaware of the lack of compatibility against that version.
EX:
https://github.com/wazuh/wazuh-splunk/issues/1352
Apart from this, we don't have a formal update planned yet, as we are making a big focus on wazuh-dashboard and the whole Wazuh stack.
Reply all
Reply to author
Forward
0 new messages