Manage 2.7 - Release Notes
This document provides the release notes for Manage v2.7. It describes new capabilities and notable changes relative to the previous production release v2.6.
Upgrade from the previous version
Manage 2.7 is released as a system upgrade pack that contains new features, system-level changes, and patches released since
An existing installation of Manage 2.6 is required for this upgrade pack to be successful, so confirm your current Manage version before applying this upgrade pack. Refer also to the 'Known Issues' section below.
For customers running earlier versions, please contact the Gemini Support team via the Support Portal or on firstname.lastname@example.org for further information on upgrading to version 2.7
What’s New in Manage 2.7
System and Foundation
- A new Gemini Agent that allows you to include and manage remote Splunk instances (Linux only), within the Gemini Management Center. The Gemini Agent is independent software which can be installed from the Management Center to standalone or clustered Splunk instances. Alternatively, the Gemini Agent could be installed on a fresh Linux OS not yet running Splunk. If Splunk is installed and running, another Splunk admin account will be created by the Gemini Agent for remote operational purposes.
- A new CLI command, 'sbox agent' has been created to manage the distribution of the Gemini Agent binary. This will allow the distribution of the Gemini Agent direct from the Management Center. Execute the CLI command 'sbox agent' at the console for more information.
- Enhanced Swap Management allowing you to specify the swap file size when enabled.
- New destination file splitting option in Log Receiver. This allows for the splitting of destination files by Severity(Level) when receiving syslog.
- Improvements to the API and listening ports. Some listening ports have been integrated into the core and will no longer exist. These include TCP ports; 9118, 6996, 6997 and 13218. Some features will lose backward compatibility due to this change, therefore all nodes must be upgraded to the latest version if the License, Gemini Cluster, or Failover features are in use.
- A new CLI command integrated and replaced the existing commands. The two existing CLI commands for Splunk Environments troubleshooting; 'sbox splunk --kill' and 'sbox splunk --undo-manager', have been replaced by the following command: 'sbox splunk --reset_environments'.
- Multiple security vulnerabilities found before Dec. 4, 2019 have been fixed.
- The End User Licensing Agreement (EULA) has been updated.
- A new page layout and reorganized menu for better navigation experience.
- The Timezone function is merged with the System Time function.
- The Monitoring function has been renamed Log Forwarding in order to prevent confusion and the new page has merged existing tabs into one view.
- Tab views within SNMP and Name functions have been merged into single views.
- New encrypted protection for diagnostic system files. Now generated system diagnostic files will be encrypted (AES-256) to protect against sensitive information leak.
- New Gemini Cluster jobs that allow you to change the OS or admin User passwords on multiple nodes simultaneously.
- A new Splunk Environments capability allowing the adoption of existing Splunk instances into the Splunk Environments area. This includes both standalone and clustered Splunk instances which can now be managed by the Management Center node. A new Splunk admin account will be added by the Gemini Agent for further administrative operations.
- A new Splunk Environments capability that allows a standalone Splunk role to be added and managed. A standalone role is a Splunk instance running on Gemini software or appliance, including the new Gemini Agent, and acting as a Splunk standalone role; Forwarder, Deployment Server, Indexer or Search Head. This enables standalone Splunk roles to be managed by the Splunk Environments feature.
- A new Splunk Environments capability that supports any instance running a Gemini Agent. Once a Gemini Agent is operational, whether or not Splunk is running, it can be added into a Splunk Environment within Manage.
- An extended Splunk Environments capability that supports the simultaneous addition of multiple nodes into Splunk Environments, typically this could be an Indexer or Search Head cluster. Download and edit a sample configuration file using the built-in instructions, then upload the file to bring in a Splunk cluster or several standalone nodes.
- When building a new environment any User specified site name will be removed. It will use values assigned to the Splunk cluster configurations instead.
- MGR-2904, MGR-2946, MGR-2947, MGR-2948: Sensitive data disclosed in diagnostic information.
- MGR-2905: Sensitive data disclosed in backup file.
- MGR-2944: Hyphen in NTP server name being removed.
- MGR-2949: Input validation not aligned with Splunk when specifying admin password.
- MGR-2972: Diagnostic info generation taking too long.
- MGR-3056: Current AMI is incompatible with EC2 instance type C5.
- MGR-3186: Data will be lost in some cases when the encrypted partition has been unmounted.
- The Splunk workload management feature is not supported. Consult with Gemini Support team if you need to use this feature.
- When upgrading from Manage v2.6, Splunk Clusters will be removed from the main Splunk Environments dashboard and appear as complete clusters within the Unassigned Nodes panel. Highlight each cluster and Use the 'Assign to Environment' button to place them back on the dashboard. Important Note: All the nodes need to have been upgraded to 2.7 before this is achieved.
- The Gemini Data Quality App has not been tested on Splunk 7.3 and above.
- Splunk Environments: Currently an error will occur when adding more than one node into an existing Splunk cluster at a time. Workaround: Expand the Splunk cluster by adding the nodes one by one in Splunk Environments.
- Gemini Agent: Gemini Agent operations will fail if special characters have been used in either the login password or the cluster secret keys. Please verify before attempting Splunk cluster adoption into Manage Splunk Environments.
- Gemini Agent: Gemini Agent operations will fail if the OS user running Splunk on the instance is not named 'splunk'. If you plan to install the Gemini Agent on a host, ensure that a 'splunk' user exists.
- Port changes: The Failover feature; API port 9118 has now merged into the core API (port 8686). The Licensing feature; license agent port 6997 and the license server port 6996 have both merged into the admin API (port 4444). The Uno feature, Uno API Port 13218 has merged into the admin API (port 4444)
Supported Splunk Platform Application Versions
Splunk Enterprise 7.0
Splunk Enterprise 7.1
Splunk Enterprise 7.2
Splunk Enterprise 7.3
Splunk Enterprise 8.0
Splunk Light 7.0
Splunk Light 7.1
Splunk Light 7.2
Splunk Light 7.3
Splunk Light 8.0
Deprecated and removed features
- Cloudera Manage is now deprecated and will no longer be maintained.
All third-party products mentioned within this document are the property of their respective owners.