Splunk® Enterprise Security

Release Notes

The documentation for Splunk Enterprise Security versions 8.0 and higher have been rearchitected from previous versions, causing some links to have redirect errors. To resolve redirect errors, you must use the version selector on the ES documentation homepage to navigate between the versions.
This documentation does not apply to the most recent version of Splunk® Enterprise Security. For documentation on the most recent version, go to the latest release.

Fixed issues for Splunk Enterprise Security

Splunk Enterprise Security 7.0.1 was released on October 5th, 2022. For more information on release dates for the major versions of Splunk Enterprise Security, see Software Support Policy page.

This release includes fixes for the following issues:


Date resolved Issue number Description
2022-09-19 SOLNESS-32646 Saved searches in Content Management can be enabled or disabled with a bulk update but not using the Actions column.
2022-03-23 SOLNESS-29317 The Risk Factor editor does not update the risk factors in the SPL preview when the risk factor is changed.
2022-03-23 SOLNESS-29516 The inputintelligence custom search command that converts non-threat intelligence as CSV fails to parse with the error message: "dict contains fields not in fieldnames".
2022-02-28 SOLNESS-29960 Investigation summary does not display all the columns correctly when notable events contain long fields and nonbreaking values.
2022-02-18 SOLNESS-27588 URL of the Splunk Platform instance is added to the URL of the Incident Review workflow action link resulting in a 404 error.
2022-02-16 SOLNESS-29139 Splunk Enterprise Security is unable to read the entire threat intelligence feed when using TAXII protocol due to pagination issues.
2022-01-26 SOLNESS-29684 The "Add a Collaborator" and "Active Collaborator" buttons are grayed out in the Investigations page.
2022-01-26 SOLNESS-29306 Excessive long non-breaking string field values causes navigation issues in the Incident Review page.
2022-01-10 SOLNESS-28926 Using the Risk Factor Editor with a custom role that has "edit_risk_factor" capability displays an error.
2022-01-05 SOLNESS-29293 MITRE annotations do not populate for non-English locales.
2022-01-05 SOLNESS-26883 Annotations configured on correlation search editor do not display on the Incident Review page.
2022-01-05 SOLNESS-29301 Error in saving search-driven lookups is caused by an endpoint, which is gated by administrator privileges.
2021-12-13 SOLNESS-29277 After a page refresh, the users who were added to an investigation did not display as part of the investigation.
2021-12-13 SOLNESS-29300 Errors with managed roles when loading the Permissions Manager page.
2021-12-06 SOLNESS-27288 The Submit button on the Incident Review page is grayed out when filters are cleared.
Last modified on 04 October, 2022
Release notes for Splunk Enterprise Security   Known issues for Splunk Enterprise Security

This documentation applies to the following versions of Splunk® Enterprise Security: 7.0.1

Acrobat logo Download manual
Acrobat logo Download this page

Please expect delayed responses to documentation feedback while the team migrates content to a new system. We value your input and thank you for your patience as we work to provide you with an improved content experience!

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters