This is not current Splunk documentation.Splunk 3.4.2 is the latest version. Only use this page with older Splunk 2.0.x.
Splunk Release Notes (Splunk v2.0)
Versions
Beta 4
This release includes many major changes from Splunk Server 1.0 beta 2. Private beta testers should read carefully.
Installation, Platforms & Packaging
New installer that supports graphical and commandline installation, guides you through initial configuration, and sets up both Splunk and all packaged 3rd party dependencies in a single step (RPMs are still available for RedHat and Fedora platforms only)
New platform support (Solaris 8 currently available, other additions to be posted shortly)
The default installation path has been changed from /opt/local/ to /opt/splunk/
User Interface & Search
Vastly improved UI design and interaction
UI scales better to both smaller and larger screens
New Splunk Server home page with shortcuts to common searches, processing statistics, and documentation
Saved Splunks accessible on home page
Events summarized by sourcetype as well as source
Inverted mode turns interface black instead of white
Tags replace eventtype names
Type desriptor replaced by more specific eventtype descriptor
Improved timerange controls are more intuitive
Timerange values not shown in search box to reduce confusion
Global tools provide 1-click search for specific sources & sourcetypes
Soft wrap options fits search results into screen space
Many search language refinements
New meta::daysago and meta::hoursago descriptors
Configuration & Administration
Extensive configuration file cleanup with improved inline examples and guidance
Directory monitor now requires one (and only one) sinkhole directory
Bugs in splunkcopy and splunksym are fixed, instructions clarified as well
Syslog and other modules are now able to work more easily with directory monitor & tailing processor; configuration instructions have changed
Sourcetype can be set explicitly for files that are directed to the tailingprocessor, or explicitly sent to a pipeline via a substitutions.xml file
Performance
Significant indexing performance improvements
Splunk Service
Splunk Service integration to look up specific event types against tags and descriptions posted by the community
Log anonymization technology that Splunk is about to release via GPL
Indexing & Data Processing
Eventtype granularity is better aligned with semantics for many sources including Apache, Asterisk VoIP call detail logs, syslog, and sendmail
Improved segmentation behavior
Many resolved issues recognizing and normalizing timestamps
Unexpected descriptor improved; now considers term frequencies
Other Resolved Issues
Resolved issues with searching by source and sourcetype/li>
Improved count accuracy for terms in typeahead
Typeahead will not reveal terms in database before successful login
Directory monitor looping problems fixed
Documentation
Administrative tasks documented from customer experience
Comments
No comments have been submitted.