Splunk POD release notes
Find the following information on the Splunk POD version 10.2.0_1.5.0 release:
For details on Splunk POD versioning syntax, see Splunk POD versioning.
What's new in 10.2.1_1.5.0
Feature enhancements for Splunk POD version 10.2.1_1.5.0.
Splunk POD version 10.2.1_1.5.0, released on March 18, 2026, includes the following enhancements:
| New Feature | Description |
|---|---|
| Multiple search head clusters | POD Medium and Large sizing options now support up to two search head clusters, including one SHC for Enterprise Security. See Configure search head clusters for pod-medium and pod-large. |
| Enterprise Security (ES) enhancements | POD Medium and Large now support ES on search head clusters. POD Small continues to support ES on standalone search heads. See Install Splunk Enterprise Security. |
| Federated Search support | Splunk POD officially supports Federated Search, allowing cross-cluster queries to improve data visibility and operational reach. See Use Federated Search in Splunk POD. |
| Pre-flight checks | The Kubernetes Installer now runs automated pre-flight checks before deploying a cluster to verify environment readiness, catch issues early, and ensure successful deployments. See Run pre-flight checks. |
| Auto-renewal for default certificates | Default certificates for all Splunk UI ingress routes now use Cert Manager for automatic renewal every 90 days. No customer action is required. |
| Kubernetes monitoring (Perses) | Splunk POD now includes Perses for visualizing Prometheus data. Perses dashboards provide insight into resource usage and pod metrics via a dedicated ingress route. See Monitor Splunk POD. |
Known issues
Splunk POD version 10.2.1_1.5.0 has the following known issues:
| Date filed | Issue number | Description |
|---|---|---|
| 2026-01-15 | EIST-574 |
Missing CoreDNS deployment, leading to CoreDNS pods missing. This issue can appear during initial cluster deployment but does not appear during deployment on an existing cluster. Symptoms include no CoreDNS Kubernetes pods present and Splunk pods not ready. Workaround: Retry |