Splunk® Enterprise Security

Release Notes

The documentation for Splunk Enterprise Security versions 8.0 and higher have been rearchitected from previous versions, causing some links to have redirect errors. For documentation on version 8.0, see Splunk Enterprise Security documentation homepage.
This documentation does not apply to the most recent version of Splunk® Enterprise Security. For documentation on the most recent version, go to the latest release.

Fixed issues for Splunk Enterprise Security

Splunk Enterprise Security 7.0.1 was released on October 5th, 2022. For more information on release dates for the major versions of Splunk Enterprise Security, see Software Support Policy page.

This release includes fixes for the following issues:


Date resolved Issue number Description
2022-09-19 SOLNESS-32646 Saved searches in Content Management can be enabled or disabled with a bulk update but not using the Actions column.
2022-03-23 SOLNESS-29317 The Risk Factor editor does not update the risk factors in the SPL preview when the risk factor is changed.
2022-03-23 SOLNESS-29516 The inputintelligence custom search command that converts non-threat intelligence as CSV fails to parse with the error message: "dict contains fields not in fieldnames".
2022-02-28 SOLNESS-29960 Investigation summary does not display all the columns correctly when notable events contain long fields and nonbreaking values.
2022-02-18 SOLNESS-27588 URL of the Splunk Platform instance is added to the URL of the Incident Review workflow action link resulting in a 404 error.
2022-02-16 SOLNESS-29139 Splunk Enterprise Security is unable to read the entire threat intelligence feed when using TAXII protocol due to pagination issues.
2022-01-26 SOLNESS-29684 The "Add a Collaborator" and "Active Collaborator" buttons are grayed out in the Investigations page.
2022-01-26 SOLNESS-29306 Excessive long non-breaking string field values causes navigation issues in the Incident Review page.
2022-01-10 SOLNESS-28926 Using the Risk Factor Editor with a custom role that has "edit_risk_factor" capability displays an error.
2022-01-05 SOLNESS-29293 MITRE annotations do not populate for non-English locales.
2022-01-05 SOLNESS-26883 Annotations configured on correlation search editor do not display on the Incident Review page.
2022-01-05 SOLNESS-29301 Error in saving search-driven lookups is caused by an endpoint, which is gated by administrator privileges.
2021-12-13 SOLNESS-29277 After a page refresh, the users who were added to an investigation did not display as part of the investigation.
2021-12-13 SOLNESS-29300 Errors with managed roles when loading the Permissions Manager page.
2021-12-06 SOLNESS-27288 The Submit button on the Incident Review page is grayed out when filters are cleared.
Last modified on 04 October, 2022
Release notes for Splunk Enterprise Security   Known issues for Splunk Enterprise Security

This documentation applies to the following versions of Splunk® Enterprise Security: 7.0.1


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters