SA - Splunk UF Upgrade Monitoring for Windows

SA - Splunk UF Upgrade Monitoring for Windows is a Search Head app that provides dashboards, reporting views, data model support, event code visibility, and troubleshooting workflows for Windows Universal Forwarder upgrade activity. This app is designed to help Splunk administrators monitor upgrade outcomes across Windows Universal Forwarders, identify hosts that successfully upgraded, find hosts that failed or remain below the target version, and investigate setup, scheduled task, service control, MSI, cleanup, state tracking, and retry-control events. This Search Head app does not perform endpoint upgrades directly. Upgrade execution is handled by the companion endpoint automation TA, `TA-windows_uf_upgrade_automation`. Parsing and indexing support is handled by the companion parsing TA, `TA-windows_uf_upgrade_parsing`. While this Search Head app is not required to execute Windows Universal Forwarder upgrades, it is recommended for operational visibility, troubleshooting, and reporting. It helps administrators understand what happened during an upgrade rollout and which endpoints may need remediation. The app provides visibility into events such as: * Upgrade attempts * Successful upgrades * Failed upgrades * Hosts not on the target version * Version validation results * Scheduled task creation and execution * Splunk service stop/start activity * MSI installer results * Installer cleanup activity * JSON state tracking * Retry-loop prevention * Controlled force retry and retry reset activity This app is intended for Splunk Enterprise Search Heads or Search Head Clusters. It should not be deployed to Windows Universal Forwarders as the upgrade execution component.