Splunk Enterprise 9.4.3 known issues

A list of key known issues in this version of Splunk Enterprise.

The following are issues and workarounds for this version of Splunk Enterprise. Issues are listed in all relevant sections. Some issues appear more than once.

Date filedIssue numberDescription
2025-07-28SPL-281945After upgrading the system to version 9.4.x, the forwarder management UI on the deployment server becomes unavailable when the requireClientCert = true flag is set. The reason for this behavior is a known issue SPL-262951.

Workaround:

You can use the Splunk default certificate with requireClientCert = true.

This issue has been resolved in version 10.0.

2025-06-06SPL-278716

KV store upgrade to server version 7.0 fails when SSL compression is not set to its default value.

Workaround:

In the sslConfig stanza of the server.conf file, temporarily set allowSslCompression to true while you upgrade the KV store. You might also need to temporarily set SplunkdClientSSLCompression, allowSslCompression, and useSplunkdClientSSLCompression to true and useClientSSLCompression to false (their default settings) during this upgrade.