Splunk® App for PCI Compliance

Release Notes

Acrobat logo Download manual as PDF


This documentation does not apply to the most recent version of Splunk® App for PCI Compliance. For documentation on the most recent version, go to the latest release.
Acrobat logo Download topic as PDF

Splunk App for PCI Compliance Known Issues

This version of Splunk App for PCI Compliance includes the following known issues.


Date filed Issue number Description
2017-04-05 SOLNPCI-1605 "Service Details" does not return any results on 6.5.x.

Workaround:
A change in Splunk Enterprise rename behavior negatively impacts duplicate/successive renames. Remove the erroneous rename command from the Service Details search in pci_prohibited_services.


Before: 

... | `get_interesting_processes_by_pci_domain` | rename app as process | `services_tracker` | `get_interesting_services_by_pci_domain` | rename app as service | ...


After: 

... | `get_interesting_processes_by_pci_domain` | `services_tracker` | `get_interesting_services_by_pci_domain` | ...
2017-04-05 SOLNPCI-1604 "Anomalous System Uptime" does not return any results on 6.5.x

Workaround:
A change in Splunk Enterprise rename behavior negatively impacts duplicate/successive renames. Remove the erroneous rename command from the Anomalous System Uptime search in pci_anomalous_system_update.


Before: 

... | `get_asset(dest)` | rename dest_asset_id as asset_id | `unprepend_assets(dest)` | ...


After: 

... | `get_asset(dest)` | `unprepend_assets(dest)` | ...


2017-02-08 SOLNPCI-1579 Drill down search returns "No result found" from "Incident Review->notable events->Contributing Events"
2016-12-05 SOLNPCI-1572 Investigations created in PCI open in Splunk Enterprise Security context instead of Splunk App for PCI Compliance context
2016-10-26 SOLNPCI-1565, SOLNESS-8919 Some searches provided with PCI Compliance will not work on buckets with reduced TSIDX files.

Workaround:
Some searches provided with the Splunk App for PCI compliance will not work on buckets with reduced TSIDX files. For a list of the searches, see TSIDX reduction compatibility in the Splunk App for PCI Compliance Installation and Configuration Manual.
2016-10-14 SOLNPCI-1563 My Investigations missing from navigation

Workaround:
View investigation timelines in the context of Splunk Enterprise Security.
2015-09-16 SOLNPCI-1391 Compliance Posture - Compliance Status History: tooltip shows numeric value instead of compliance value
2015-09-08 SOLNPCI-1368 PCI Configuration: Navigation editor links to Enterprise Security navigation editor
Last modified on 20 December, 2017
PREVIOUS
Splunk App for PCI Compliance Fixed issues 		  NEXT
Credits

This documentation applies to the following versions of Splunk® App for PCI Compliance: 3.3.1

Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters