3.0.8

New alerts:

• SearchHeadLevel - summary indexing searches not using durable search

New macros:

• indexer_cluster_name without any parameters created as per issue #19 (barrettnet)

New reports:

• SearchHeadLevel - audit.log - lookup usage
• SearchHeadLevel - license usage per sourcetype per index
• SearchHeadLevel - Lookup file owners
• IndexerLevel - RemoteSearches - lookup usage

Updated alerts:

• AllSplunkEnterpriseLevel - Splunkd Log Messages Admins Only - more matching criteria
• SearchHeadLevel - Scheduled Searches That Cannot Run - as per issue #18 (AHCL1)
• SearchHeadLevel - SHC Captain unable to establish common bundle - additional exclusion for Splunk 9.0.x

Updated reports:

• IndexerLevel - platform_stats.indexers totalgb measurement - added * to the end of license_usage.log, updated indexer_cluster_name with parameter as per issue #19 (barrettnet)
• IndexerLevel - platform_stats.indexers totalgb_thruput measurement - updated indexer_cluster_name with parameter as per issue #19 (barrettnet)
• SearchHeadLevel - Search Queries summary exact match - removed newlines to improve accuracy
• SearchHeadLevel - Search Queries summary non-exact match - removed newlines to improve accuracy

Updated recommended links in nav menu