This documentation does not apply to the most recent version of Splunk® Enterprise Security.
For documentation on the most recent version, go to the latest release.
Known issues for Splunk Enterprise Security
Splunk Enterprise Security 6.5.0 was released on March 1, 2021. For more information on release dates for the major versions of Splunk Enterprise Security, see Software Support Policy page.
This release includes the following known issues:
| Date filed | Issue number | Description |
|---|---|---|
| 2022-08-12 | SOLNESS-32134 | Correlation search for ES Threat Activity Detected is incorrect.
|
| 2021-09-01 | SOLNESS-28019 | "src" or "dest" fields of Threat Activity events showing as "unknown" even though "threat_match_fields" is "src" or "dest" Workaround: # Navigate to the threat intelligence management page and click on the threat matching tab
|
| 2021-08-31 | SOLNESS-28002 | . ES Traffic centre dashboard is still using the deprecated saved search. |
| 2021-05-12 | SOLNESS-26883 | Annotations configured on correlation search editor do not display on the Incident Review page. |
| 2021-03-24 | SOLNESS-26297 | Poor error handling on invalid identity_manager stanzas Workaround: This error means that one of your identity_manager stanzas in inputs.conf is missing a url setting. You'll need to determine which stanza is missing the required setting and either add the url in or remove it altogether. |
| 2021-03-03 | SOLNESS-25956 | Next Steps for adaptive response actions do not parse correctly in the Incident Review dashboard. Workaround: Enter each of the adaptive response actions on separate lines in the Next Steps field of the Correlation Search editor.
|
Last modified on 28 September, 2022
| Fixed issues for Splunk Enterprise Security | How to find answers and get help with Splunk Enterprise Security |
This documentation applies to the following versions of Splunk® Enterprise Security: 6.5.0 Cloud only
Download manual
Feedback submitted, thanks!