Release notes

Version 2.1.2

Maintenance release: bug fixes, Splunk Cloud / Splunk Enterprise 10.2+ readiness, and full refresh of bundled libraries.

Note

The minimum supported Python runtime is now Python 3.9, declared explicitly via python.required = 3.9,3.13. Splunk Enterprise 9.2.x and later default to Python 3.9; Splunk Enterprise 9.1.x users must switch the search head to Python 3.9 (supported but not the default — see Splunk’s Python 3 Migration documentation). The previous 2.1.1 release implicitly required Python 3.8+ as well via the bundled requests >= 2.32.3; this release just makes the runtime requirement explicit and aligns it with the Splunk Cloud / 10.2+ Python 3.13 stack.

bug - Fix PAT authentication for on-premise JIRA: jirafill was reading the wrong configuration key (auth_mode instead of jira_auth_mode) and silently fell back to Basic auth even when PAT was selected, leading to 403 Client Error on /rest/api/latest/project while Test connectivity reported success #223
bug - Splunk Cloud / Splunk Enterprise 10.2+ pre-check readiness: declare python.required = 3.9,3.13 alongside the legacy python.version = python3 directive in alert_actions.conf, commands.conf and restmap.conf so the add-on continues to load on Splunk 9.x / 10.x (Python 3.9) and is accepted by Splunk Cloud Pre-Check on Splunk Enterprise 10.2+ (Python 3.13) #227
bug - Fix SyntaxWarning: invalid escape sequence '\{' raised on Python 3.12+ from the bearer-token regex in jira_service_rest_handler.py (would become SyntaxError on Python 3.14); converted the pattern to a raw string literal #227
bug - Alert action UI: the JIRA Account dropdown rendered a phantom empty pre-selected entry next to the actual account, because the REST search filter (where isnotnull(title)) accepted an empty title (in SPL, isnotnull("") is true). Tightened the filter to where isnotnull(title) AND len(title)>0 on both the Open/Update/Close and Replay alert actions, mirrored in globalConfig.json.
bug - Alert action UI: the Project, Issue Type and Priority dropdowns in globalConfig.json referenced get_jira_projects / get_jira_issue_types / get_jira_priorities without arguments, but these macros are defined as 1-arg macros in macros.conf; if anyone regenerated the alert HTML from globalConfig.json (e.g. by removing the manual alerts/*.html files before ucc-gen build) the dropdowns would not resolve. Aligned globalConfig.json to call them with _all so it stays in sync with the macros and the manually authored alert HTML.
change - Refresh build toolchain and bundled runtime libraries:
- splunk-add-on-ucc-framework 5.44.0 → 6.4.0
- splunktaucclib 6.2.0 → 8.1.0
- solnlib pinned to >=7.0.0,<8.0.0 to avoid the heavy OpenTelemetry/grpc transitive stack pulled by solnlib 8.x
- requests is now declared explicitly in package/lib/requirements.txt (no longer a transitive dependency of splunktaucclib since 7.0.0) and bumped to 2.33.1
- openpyxl 3.1.2 → 3.1.5
- documentation toolchain: sphinx 7.2.6 → 8.1.3, sphinx-rtd-theme 2.0.0 → 3.0.2, jinja2 3.1.4 → 3.1.6
- GitHub Actions build matrix moved to Python 3.13; Read the Docs builder moved to Ubuntu 24.04 / Python 3.13

Version 2.1.1

bug - basic authentication is unexpectly used due to a bug in 2.1.0 which affects Jira on-premise instances #215
bug - dedup get Jira issue failed due to invalid credentials #216

Version 2.1.0

Key information

This release introduces a REST API in the application, with the principal objectives of implementing a least privileve approach to allow the actions to be called with restricted capabilities, and avoid problematic capabilities previously required.
This also provides a centralised API logic, these endpoints are globally called by the associated custom commands and alert actions.
Deep review and refactoring of the Python code was achieved.
New capabilities were added to the JIRA alert actions notably with Auto Closure of issues.
Automated validation of the JIRA connectivity before allowing the creation or update of a JIRA account.
SSL validation with custom or self-signed certificate by providing the SSL bundle content in the account configuration.

Detailed release notes

bug - Unreadable characters after adding alert data in JSON to the description #203
change - Define fields type in collections.conf #204
enhancement - Prevent REST API populating searches executed to populate the alert drilldown to be executed without a restricted time range, so Workload rules forbidding all time searches would not prevent dropdown from being populated #205
enhancements/bugs - Various Python code review and refresh #206
enhancement - Least Privilege approach and removing needs for privileged capabilities in Splunk #207
enhancement - Validates the JIRA connectivity before allowing the creation or update of a JIRA account #209
enhancement - Add built-in support for Issue auto-closure with new auto closure capabilities #210
enhancement - SSL validation with custom or self-signed certificate by providing the SSL bundle content in the account configuration #212

Version 2.0.20

Issue dedup no longer works after Atlassian put cloudfront in front of the Jira cloud api #200

Version 2.0.19

Fix Issue#181 - Fix - Problem setting Assets custom field object #181
Fix Issue#194 - Enhancement - Result alerts in description as table #194
Fix Issue#197 - FIPS Support since Splunk 9.3.x - FIPS error when creating tickets #197
Change - Upgrade all SDKs and Libraries to latest versions
Change - Dark theme support for Configuration

Version 2.0.18

Fix Issue#184 - Fix - Splunk Cloud vetting - Force SSL Verification or the use of a CA bundle to validate the SSL verification #184
Fix Issue#185 - Build - Prevents pyc, hidden files or directory to be part of the release #185
Fix Issue#186 - Pypi requirements libs refresh #186
Fix Issue#188 - Number of projects count in Overview - JIRA Projects is wrong #188
Fix Issue#189 - Avoid app nav bar ending in multiple lines #189

Version 2.0.17

enhancement - Custom fields - Add additional protection against badly parsed custom fields #174
enhancement - Allows adding the Splunk search results in the JIRA Description field (in CSV or JSON format) #173
bug - Splunk Cloud Classic - ensures that indexed time parsing is partioned on the Search Heads properly (SLIM) #176

Version 2.0.16

enhancement - Remove __mv_ fields from export as JSON/XLSX/CSV when attaching results #170

Version 2.0.14

Fix Issue #155: Regression with the resilient store tracker

If post-upgrade and after at leat one execution you are still experiencing issues with the reslient tracker, please purge the KVstore collection:

| outputlookup jira_failures_replay

Any temporary failure will be stored properly for replay purposes.

Version 2.0.13

FIx Issue #151: Proxy account configuration is not synced in a SHC

Version 2.0.12

Fix Issue #148: Accounts are not synchronised among members of the SHC
Fix Issue #149: jiraoverview should verify the HTTPS protocol

Version 2.0.11

Enhancement: Add a connectivity verification (network, settings and authentication) in custom commands, as well as an option that can be triggered from the jirafill command (| )
Enhancement: Logging enhancements, custom command now log to their own dedicated log file, available in the _internal, configurable via the logging level in the configuration UI, and easily accessible from the navigation menu
Enhancement: Introducing a new custom command “| jiraoverview” which loads at scale all main KPIs for all projects for configured accounts, and replaces the previous heavy and slow logic in the JIRA analytic dashboard. In Addition, this addresses some reported issues where not all projects could be loaded
Fix: Regression with version 2.10 regarding issues calling components #146

Version 2.0.10

Python code level enhancements for a more robust approach when builing the JSON data to be submitted to the JIRA API, this addresses risks of failures with very complex contents
Remove useless references to oauth in account configuration