Release Notes 2.2.3

Release Notes 2.2.3

Date of Release: April 20, 2007

Splunk 2.2.3 resolves an internal packaging issue.

To install Splunk 2.2.3, see the Installation Manual for full instructions.

New Features

There are no new features in this release

Resolved Issues

Corrected a packaging issue with our build enviornment

Known Issues

• If the Splunk Server is configured to use LDAP authentication, the amount of time required for Splunk to successfully start will be in direct relation to the number of users stored in the LDAP. Startup can take anywhere between 45-60 seconds.
• LDAP authentication should not use SSL
• When participating in distributed search the report::[ ] operator will need to be enclosed in quotes
• The GroupDN cannot contain an ampersand (&) character if you are configuring LDAP from the GUI. The workaround is to edit the auth.conf file directly.
• In auth.conf, the authSettings value and associated configuration stanza name should not contain a space. For example, "ActiveDirectory", not "Active Directory".
• Restarting Splunk before a Live Splunk runs for the first time will result in 12/31/1969 being displayed as the Next Run date. This is purely cosmetic, the Live Splunk will run at the scheduled interval.
• Some XML reserved characters in the user's Splunk password (e.g., "ch&ngeme") cause an authorization failure for Live Splunks. If you intend to use Live Splunks, choose a password without &, <, ' or ".
• We have seen issues migrating 2.1.x users on FreeBSD to 2.2.3. If you are running Splunk on FreeBSD and lose your users on upgrade please contact Splunk Support for assistance in recovering your users.
• If you edit the passwd file (in $SPLUNK_HOME/etc) by hand (not generally recommended, but occasionally useful) ensure you maintain the sequential order of entries by user id.