Fixed Issues

The following issues have been resolved for this version of Splunk Enterprise Security.

Defect number	Description
SOLNESS-5823	The Traffic Size Analysis dashboard errors when using the `appendcols` command: You can only use appendcols after a reporting command (such as stats, chart, or timechart).
SOLNESS-6630, 6703	Memory leak with splunkd. On Cloud, the memory leak is correlated with the number of enabled correlatuion searches.
SOLNESS-6645	The Vulnerability Center dashboard drilldown "Vulnerabilities by Severity" does not use the correct severity field on the search page.
SOLNESS-6811	The spyeye tracker threat list is obsolete and has been removed from the list of threat lists.
SOLNESS-6887	Customized search objects can be saved into apps that do not meet the Enterprise Security app import naming scheme, but cannot be subsequently edited.
SOLNESS-6894	Customized search objects can be saved into apps that do not meet the Enterprise Security app import naming scheme, but cannot be subsequently edited.
SOLNESS-6907	The risk score object field and type values for the "Threat Activity Detected" correlation search and others that require risk actions were not being properly set.
SOLNESS-7355	An empty copy of the `demo_identities.csv` file can prevent the identity manager from merging all identity data sources.
SOLNESS-7396	The correlation search "Access - Excessive Failed Logins - Rule" is missing default notable title.
SOLNESS-7413	The `splunkd.log` reports the warning `opt/splunk/etc/apps/SA-IdentityManagement/default/correlationsearches.conf, line 35: Cannot parse into key-value pair: "alert.suppress": "1",\n "alert.suppress.fields": ["user"]\n}`
SOLNESS-7414	A search head configured for FIPS compliance might display an error message stating the configuration is unsupported when installing ES.
SOLNESS-7451	The correlation search editor does not display a list of streams available with the Splunk App for Stream installed.

Release Notes

Related Answers

Fixed Issues

Comments