This documentation does not apply to the most recent version of Splunk® Enterprise Security.
For documentation on the most recent version, go to the latest release.
Download topic as PDF
Fixed Issues for Splunk Enterprise Security
The following issues have been resolved for this version of Splunk Enterprise Security.
Date resolved | Issue number | Description |
---|---|---|
2016-10-03 | SOLNESS-10528, SOLNESS-10534, SOLNESS-10548 | Identity_Management.Expired_User_Activity object does not take the _time of the event into account |
2016-09-16 | SOLNESS-10142 | Correlation Search: "Access - Short-lived Account Detected - Rule" suppressing on a non-existent field |
2016-09-15 | SOLNESS-9453 | Incident Review displays max 1000 events; Pagination expects more |
2016-09-08 | SOLNESS-9553 | Upgrade hangs on deprecating add-ons and generates a 400 error in the essinstaller2.log when attempting to disable apps. |
2016-09-06 | SOLNESS-10081 | Custom security domain not available for manual notables or new correlation searches |
2016-09-01 | SOLNESS-10093 | Email Activity Dashboard stops loading |
2016-08-30 | SOLNESS-9568 | Timeline: Cannot create timeline entries when data fields have "." or "$". |
2016-08-29 | SOLNESS-9867 | ppf_action_history_searches lookup cannot be edited |
2016-08-25 | SOLNESS-10091 | Access Tracker: search/macro inefficiencies (first_time_access, inactive_accounts, inactive_account_usage) |
2016-08-24 | SOLNESS-10003 | Link from Risk Analysis to Incident Review: redirects and form input not working |
2016-08-24 | SOLNESS-9946, SOLNESS-10221 | Port Protocol Profiler Panel loads slowly |
2016-08-24 | SOLNESS-9943 | Forwarder Auditing Panels load slowly |
2016-08-24 | SOLNESS-10079 | Incorrect Splunk version after "What's new in" under help on page Incident Review |
2016-08-23 | SOLNESS-10153 | Timelines created thought IR checkbox add selected to investigation are unable to be deleted |
2016-08-19 | SOLNESS-9787 | False Positive for "Completely Inactive Account" correlation search |
2016-08-19 | SOLNESS-10152 | Suppression Audit: Suppression History Over Time - Last 30 Days displays "Unable to find tag filtered" |
2016-08-14 | SOLNESS-10069 | Content Profile's Data Model Info panel does not include all data models accelerated by ES, nor all knowledge objects relying on each data model |
2016-08-11 | SOLNESS-9676 | Timeline: Cannot highlight or select text |
2016-08-05 | SOLNESS-10042 | Extreme Search: xsCreateDDContext appears to be crashing/core dumping |
2016-08-03 | SOLNESS-10022 | Correlation Search Editor: Incorrectly warning about unmanaged apps |
2016-08-01 | SOLNESS-10013 | Asset/Identity Management macros taking excessive time in eval and rename |
2016-07-28 | SOLNESS-9909, SOLNESS-9938 | Threat Intelligence: off-by-one and ordering error related to fields/skip_header_lines |
2016-07-21 | SOLNESS-9934 | configuration_check://confcheck_correlation_searches error can be wrong when owners do not match |
2016-07-21 | SOLNESS-9937 | Session Center - Underlying Search does not include All_Sessions.user |
2016-07-21 | SOLNESS-9938, SOLNESS-9909 | Threat Intelligence: Collections are not "layering" weight appropriately |
2016-07-06 | SOLNESS-9704 | Brute Force Access Behavior Detected correlation search rule is triggering even when there are 0 failures |
2016-06-27 | SOLNESS-9735 | Notable Event Suppression: error does not happen if you use spaces or special characters in the name |
2016-06-22 | SOLNESS-5295 | Import keyword in local.meta imports from disabled apps |
Last modified on 13 August, 2022
PREVIOUS Release Notes for Splunk Enterprise Security |
NEXT Known Issues for Splunk Enterprise Security |
This documentation applies to the following versions of Splunk® Enterprise Security: 4.5.0
Feedback submitted, thanks!