Splunk® Enterprise Security

Release Notes

The documentation for Splunk Enterprise Security versions 8.0 and higher have been rearchitected from previous versions, causing some links to have redirect errors. For documentation on version 8.0, see Splunk Enterprise Security documentation homepage.
This documentation does not apply to the most recent version of Splunk® Enterprise Security. For documentation on the most recent version, go to the latest release.

Fixed issues for Splunk Enterprise Security

Splunk Enterprise Security 7.3.0 was released on December 19, 2023. For more information on release dates for the major versions of Splunk Enterprise Security, see Software Support Policy page.

This release includes fixes for the following issues:


Date resolved Issue number Description
2023-11-30 SOLNESS-40087 In Drilldown Searches, "Latest Offset" UI helper text displays "Earliest Time" instead of "Latest Time".
2023-11-29 SOLNESS-38498 The Risk Score field is not displayed as a link when you expand the rows in Incident Review and go to Additional Fields.
2023-11-29 SOLNESS-36949 The handler for managed lookups is slow.
2023-11-28 SOLNESS-36801 Clicking the Save or Save new filters twice might cause the Incident Review page page to freeze or remain unresponsive.
2023-11-21 SOLNESS-39022 No results returned when searching for a notable using the Short ID.
2023-11-14 SOLNESS-39506 Asset and identity enrichment for "dest" assets causes alignment issue in the Incident Review page.
2023-11-14 SOLNESS-38261 Unable to filter for events using "event_id=notable_id" in the Incident Review page and getting redirected to default filters.
2023-11-08 SOLNESS-36813 The threat_match_field value in threat match searches is updated to include the datamodel.
2023-10-23 SOLNESS-39223 Modular input "confcheck_es_bias_language_cleanup" displays an error after upgrade even when it is disabled.
2023-10-20 SOLNESS-38777 Error message might be displayed when expanding notables in the Incident Review page.
2023-10-20 SOLNESS-36789 Uploading and later deleting a threat intelligence management document does not remove the threat intelligence document from threat artifacts.
2023-09-07 SOLNESS-32889 Creating a correlation search might result in the following error message: "Cannot read properties of undefined (reading 'trim')".
Last modified on 26 July, 2024
Release notes for Splunk Enterprise Security   Known issues for Splunk Enterprise Security

This documentation applies to the following versions of Splunk® Enterprise Security: 7.3.0


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters