Fixed Issues for Splunk Enterprise Security
The following issues have been resolved for this version of Splunk Enterprise Security.
Date resolved | Issue number | Description |
---|---|---|
2016-10-03 | SOLNESS-10528, SOLNESS-10534, SOLNESS-10548 | Identity_Management.Expired_User_Activity object does not take the _time of the event into account |
2016-09-16 | SOLNESS-10142 | Correlation Search: "Access - Short-lived Account Detected - Rule" suppressing on a non-existent field |
2016-09-15 | SOLNESS-9453 | Incident Review displays max 1000 events; Pagination expects more |
2016-09-08 | SOLNESS-9553 | Upgrade hangs on deprecating add-ons and generates a 400 error in the essinstaller2.log when attempting to disable apps. |
2016-09-06 | SOLNESS-10081 | Custom security domain not available for manual notables or new correlation searches |
2016-09-01 | SOLNESS-10093 | Email Activity Dashboard stops loading |
2016-08-30 | SOLNESS-9568 | Timeline: Cannot create timeline entries when data fields have "." or "$". |
2016-08-29 | SOLNESS-9867 | ppf_action_history_searches lookup cannot be edited |
2016-08-25 | SOLNESS-10091 | Access Tracker: search/macro inefficiencies (first_time_access, inactive_accounts, inactive_account_usage) |
2016-08-24 | SOLNESS-10003 | Link from Risk Analysis to Incident Review: redirects and form input not working |
2016-08-24 | SOLNESS-9946, SOLNESS-10221 | Port Protocol Profiler Panel loads slowly |
2016-08-24 | SOLNESS-9943 | Forwarder Auditing Panels load slowly |
2016-08-24 | SOLNESS-10079 | Incorrect Splunk version after "What's new in" under help on page Incident Review |
2016-08-23 | SOLNESS-10153 | Timelines created thought IR checkbox add selected to investigation are unable to be deleted |
2016-08-19 | SOLNESS-9787 | False Positive for "Completely Inactive Account" correlation search |
2016-08-19 | SOLNESS-10152 | Suppression Audit: Suppression History Over Time - Last 30 Days displays "Unable to find tag filtered" |
2016-08-14 | SOLNESS-10069 | Content Profile's Data Model Info panel does not include all data models accelerated by ES, nor all knowledge objects relying on each data model |
2016-08-11 | SOLNESS-9676 | Timeline: Cannot highlight or select text |
2016-08-05 | SOLNESS-10042 | Extreme Search: xsCreateDDContext appears to be crashing/core dumping |
2016-08-03 | SOLNESS-10022 | Correlation Search Editor: Incorrectly warning about unmanaged apps |
2016-08-01 | SOLNESS-10013 | Asset/Identity Management macros taking excessive time in eval and rename |
2016-07-28 | SOLNESS-9909, SOLNESS-9938 | Threat Intelligence: off-by-one and ordering error related to fields/skip_header_lines |
2016-07-21 | SOLNESS-9934 | configuration_check://confcheck_correlation_searches error can be wrong when owners do not match |
2016-07-21 | SOLNESS-9937 | Session Center - Underlying Search does not include All_Sessions.user |
2016-07-21 | SOLNESS-9938, SOLNESS-9909 | Threat Intelligence: Collections are not "layering" weight appropriately |
2016-07-06 | SOLNESS-9704 | Brute Force Access Behavior Detected correlation search rule is triggering even when there are 0 failures |
2016-06-27 | SOLNESS-9735 | Notable Event Suppression: error does not happen if you use spaces or special characters in the name |
2016-06-22 | SOLNESS-5295 | Import keyword in local.meta imports from disabled apps |
Release Notes for Splunk Enterprise Security | Known Issues for Splunk Enterprise Security |
This documentation applies to the following versions of Splunk® Enterprise Security: 4.5.0
Feedback submitted, thanks!