This documentation does not apply to the most recent version of Splunk® Enterprise Security.
For documentation on the most recent version, go to the latest release.
Download topic as PDF
Fixed Issues
The following issues have been resolved for this version of Splunk Enterprise Security.
Defect number | Description |
SOLNESS-5823 | The Traffic Size Analysis dashboard errors when using the appendcols command: You can only use appendcols after a reporting command (such as stats, chart, or timechart).
|
SOLNESS-6630, 6703 | Memory leak with splunkd. On Cloud, the memory leak is correlated with the number of enabled correlatuion searches. |
SOLNESS-6645 | The Vulnerability Center dashboard drilldown "Vulnerabilities by Severity" does not use the correct severity field on the search page. |
SOLNESS-6811 | The spyeye tracker threat list is obsolete and has been removed from the list of threat lists. |
SOLNESS-6887 | Customized search objects can be saved into apps that do not meet the Enterprise Security app import naming scheme, but cannot be subsequently edited. |
SOLNESS-6894 | Customized search objects can be saved into apps that do not meet the Enterprise Security app import naming scheme, but cannot be subsequently edited. |
SOLNESS-6907 | The risk score object field and type values for the "Threat Activity Detected" correlation search and others that require risk actions were not being properly set. |
SOLNESS-7355 | An empty copy of the demo_identities.csv file can prevent the identity manager from merging all identity data sources.
|
SOLNESS-7396 | The correlation search "Access - Excessive Failed Logins - Rule" is missing default notable title. |
SOLNESS-7413 | The splunkd.log reports the warning opt/splunk/etc/apps/SA-IdentityManagement/default/correlationsearches.conf, line 35: Cannot parse into key-value pair: "alert.suppress": "1",\n "alert.suppress.fields": ["user"]\n}
|
SOLNESS-7414 | A search head configured for FIPS compliance might display an error message stating the configuration is unsupported when installing ES. |
SOLNESS-7451 | The correlation search editor does not display a list of streams available with the Splunk App for Stream installed. |
Last modified on 22 October, 2015
PREVIOUS Release Notes |
NEXT Known Issues |
This documentation applies to the following versions of Splunk® Enterprise Security: 4.0.0
Feedback submitted, thanks!