Skip to main content
Splunk Lantern

Preparing your Splunk Enterprise instance to upgrade to jQuery 3.5

 

At Splunk, we continuously focus on the security of the Splunk Enterprise. As part of that effort, we announced the deprecation of libraries older than jQuery v3.5 in early 2021. Starting in the second half of calendar year 2022, we plan to remove support for jQuery libraries older than v3.5 in new versions of Splunk Enterprise.

These changes will enhance the security of your product. However, they require action from you to update Classic (Simple XML) dashboards, HTML dashboards, applications installed from Splunkbase, and private applications.

Step 1: Update your classic (simple XML) and HTML dashboards 

Update Classic (Simple XML) dashboards that use jQuery libraries prior to v3.5 

Because jQuery libraries affect simple XML dashboards with custom JavaScript, dashboard versioning has been introduced starting in Splunk Enterprise 8.2.5. 

  • Simple XML Dashboard version 1.0
    • Dashboards load with older versions of jQuery
  • Simple XML Dashboard version 1.1 
    • Dashboards load  with jQuery 3.5

Admins will need to work with dashboard owners to update simple XML dashboards to v1.1. 

As a Splunk Admin, you can check the jQuery Upgrade dashboard to see which dashboards are affected. To open the jQuery Upgrade dashboard, open the Search & Reporting App, click Dashboards, and then click jQuery Upgrade Dashboard

Rebuild HTML dashboards have been deprecated

You can rebuild them in one of the following ways:

  • Rebuild your HTML dashboards in Dashboard Studio. Dashboards created or rebuilt in Dashboard Studio don't need updates for jQuery 3.5. For more information about Dashboard Studio, see What is the Splunk Dashboard Studio?
  • If Dashboard Studio is insufficient to replicate the functionality of your HTML dashboards, rebuild any remaining HTML dashboards as classic (simple XML) dashboards with custom JavaScript. Ensure that your new simple XML dashboards rely on jQuery 3.5 or higher. For more information about building simple XML dashboards, see Modify dashboards using Simple XML extensions.
  • If you cannot replicate your HTML dashboards with either Dashboard Studio or a simple XML dashboard with custom JavaScript, you can write a single-page application (SPA) and fully package it with all of its dependencies. For more information on how to do this, see Update to jQuery 3.5.

Do not update classic (simple XML) or HTML dashboards that are provided by a third-party app developer. App developers will be required to update their apps and dashboards. You only need to update classic (simple XML) or HTML dashboards that were created by end users in your organization.

Step 2: Update public and private apps that use jQuery libraries prior to v3.5 

Make sure that you update all business-critical Splunkbase and private applications in time for the removal of older jQuery libraries. You should also review the jQuery Scan section in the Upgrade Readiness App, which has been introduced starting in Splunk Cloud Platform v8.2.2109, to see which Splunkbase or private apps require an update.

For third-party apps, it is the app developer’s responsibility to ensure their applications are updated with jQuery v3.5. If you are unsure if a third-party app will be updated, you can contact the application owner through the app page on Splunkbase via the Contact Developer option. 

Step 3: Restrict jQuery libraries older than v3.5

After you have updated all dashboards and apps, we recommend you test the updates by restricting the jQuery libraries older than v3.5 in a test environment before making the final restriction in your production instance. Restricting or unrestricting older jQuery libraries does not require a Splunk restart. This capability has been introduced in Splunk Enterprise 9.0 and is only available in versions that support jQuery libraries older than v3.5.

You can access this capability from Settings > Server Settings > Internal Library Settings

For more detailed guidance for admins, see the jQuery 3.5 Upgrade Manual.

Help us make your Splunk instance more secure. Please ensure your Splunk Enterprise instance, dashboards, premium solutions, Splunkbase applications, and private applications are upgraded. 

Not all heroes wear capes! 

Check out how Splunk Admin Gregg Daly used tooling provided in the Splunk Platform to restrict older versions of jQuery to make his company’s Splunk instance more secure.