Known issues in Splunk IT Service Intelligence
This version of IT Service Intelligence (ITSI) has the following known issues and workarounds.
Backup/Restore and Migration Issues
Date filed | Issue number | Description |
---|---|---|
2024-02-08 | ITSI-34394 | Backup job "Default Scheduled Backup" fails. Error: 'transforms' Workaround: Turn off the Include .conf files option for the Default Scheduled Backup, or when the user creates a full backup. |
2024-01-11 | ITSI-33748 | When restoring objects in ITSI, the restore page does not display the macros of another app used in ITSI searches. Workaround: * Give the Template:All apps Template:Read Template:Write permission to macro and re-triggered the restore |
2024-01-09 | ITSI-33724 | Backup is not getting restored when custom saved searches are used in the service Workaround: * re-triggered the restore without any changes. |
Bulk Import
Date filed | Issue number | Description |
---|---|---|
2024-01-11 | ITSI-33751 | Incorrect count of entities created/updated/skipped is reported when importing entities via search Workaround: Not needed |
Entities
Date filed | Issue number | Description |
---|---|---|
2023-12-04 | ITSI-33264 | Switching the Studio Dashboards or changing the global time range picker resets the token to the default value Workaround: # Modify the tokens after syncing the global time range picker, if you need to modify the global time range. |
2023-09-11 | ITSI-32014 | On Windows type entity_detail page, for the Process Monitoring Info table within Modal, after adjusting the column width, if we move the mouse, the height and width of the column changes Workaround: To resize a column, press Tab until the focus is on the column resize button handle, then use arrow left/right to resize. |
Notable Events
Date filed | Issue number | Description |
---|---|---|
2024-02-13 | ITSI-34430 | Groups Restore in rules engine should not be done based on the bidirectional ticketing events |
2024-02-08 | ITSI-34393 | BDT event should not satisfy 'if episode is broken' action rule for inactive episodes |
2023-10-27 | ITSI-32723 | Newlines are converted to spaces when posting a comment to an Episode |
2023-09-21 | ITSI-32156 | preview results not working while NEAP creation in windows setup |
2023-06-19 | ITSI-31057 | host field value not visible to Rules Engine |
Notable Event Aggregation Policies
Date filed | Issue number | Description |
---|---|---|
2024-02-13 | ITSI-34430 | Groups Restore in rules engine should not be done based on the bidirectional ticketing events |
2024-02-08 | ITSI-34393 | BDT event should not satisfy 'if episode is broken' action rule for inactive episodes |
2023-10-27 | ITSI-32723 | Newlines are converted to spaces when posting a comment to an Episode |
2023-09-21 | ITSI-32156 | preview results not working while NEAP creation in windows setup |
2023-06-19 | ITSI-31057 | host field value not visible to Rules Engine |
Service Analyzer
Date filed | Issue number | Description |
---|---|---|
2024-02-08 | ITSI-34391 | Sidepanel in Service Analyzer does not update KPI values |
Service Definition
Date filed | Issue number | Description |
---|---|---|
2024-01-23 | ITSI-34074 | Unable to create a service when opening the create service modal before the service template API call is done |
2024-01-12 | ITSI-33754 | Simulated Health Score is not working as expected when service dependencies is add to service Workaround: After saving the service, Simulated Health Score calculation work as expected |
Service Health Score
Date filed | Issue number | Description |
---|---|---|
2024-01-12 | ITSI-33754 | Simulated Health Score is not working as expected when service dependencies is add to service Workaround: After saving the service, Simulated Health Score calculation work as expected |
Service Templates
Date filed | Issue number | Description |
---|---|---|
2024-02-09 | ITSI-34402 | Service Template editor unresponsive after upgrade to 4.18.0 |
Uncategorized issues
Date filed | Issue number | Description |
---|---|---|
2024-03-26 | ITSI-34841 | Unable to initialize modular input "service_sandbox_sync_minder" defined in the app "SA-ITOA": Unable to locate suitable script for introspection |
2024-03-14 | ITSI-34680, ITSI-32474 | Browser tab title does not get updated after switching to a different saved Episode Review. Workaround: Reload the Episode Reviev page after the save to reload the Event management state |
2024-02-29 | ITSI-34551 | Breaking event does not trigger breaking action rules |
2024-02-07 | ITSI-34352 | Python runtime error occurs when upgrading glass table definitions in 4.18.0. Workaround: Created a script to apply the workaround. Waiting for the approvals. |
2024-01-12 | ITSI-33757 | stack "xerox" is missing "service sandbox" and "Custom Threshold Windows" from UI Workaround: If user has modified the navigation bar before the upgrade then it has created an entry in the Template:Local/data/ui/nav/default.xml and after the upgrade also Splunk will take the data from the local folder as it has the higher precedence even though it has the updated entry in the Template:Default/data/ui/nav/default.xml with new options. To fix this issue manually add the options from {{settings -> User interface -> Navigation menus}} and select default for the itsi app and add missing entry for the options from Template:Default/data/ui/nav/default.xml |
2024-01-04 | ITSI-33656, ITSI-33634 | Broken KPIs link after deleting service template in Service Sandbox |
2024-01-02 | ITSI-33632 | The ping host action shows "Failed" in header activity detail |
2023-12-22 | ITSI-33539 | Closing an Episode when Rules Engine is disabled does not break the Episode |
2023-12-21 | ITSI-33527 | ELM Policy is executed at a different time then the time shown in the UI after changing the time zone. |
2023-12-20 | ITSI-33491 | 'index', 'splunk_server' and 'splunk_server_group' can not be added by 'Add Column' functionality on episode review page |
2023-12-07 | ITSI-33278 | Cannot create a correlation search with all special character |
2023-10-09 | ITSI-32420 | Retired entities are automatically restored again and marked retirable. |
2023-09-08 | ITSI-32000, ITSI-33662, ITSI-32413 | When multiple episodes are linked to the same Ticket ID(ServiceNow), the filter dropdown for the "Tickets" option displays duplicate Ticket ID |
2023-09-04 | ITSI-31923 | After Changing Splunkd Custom Management Port, the Remedy Action is not working on Windows Instance |
2023-08-09 | ITSI-31657 | No events in itsi_tracked_alerts and itsi_grouped alerts because of Invalid token Workaround: Disable and enabled the itsi_tracked_alerts token: Settings → Data inputs → HTTP Event Collector → Disabled and Enable the token whose index is itsi_tracked_alerts In the scenario where I saw this error message, itsi_grouped_alerts token was also impacted. If itsi_tracked_alerts issue is fixed and you are still not seeing the events in itsi_grouped_alerts, then enable and disable all the tokens related to ITSI EA. If disabling/enabling the token does not work, need to delete the tokens. For OnPrem, need to restart the SH for tokens to be repopulated, for Cloud it should be automatic. |
PREVIOUS Fixed issues in Splunk IT Service Intelligence |
NEXT Removed features in Splunk IT Service Intelligence |
This documentation applies to the following versions of Splunk® IT Service Intelligence: 4.18.0
Feedback submitted, thanks!