Splunk® Enterprise Security

Release Notes

The documentation for Splunk Enterprise Security versions 8.0 and higher have been rearchitected from previous versions, causing some links to have redirect errors. For documentation on version 8.0, see Splunk Enterprise Security documentation homepage.
This documentation does not apply to the most recent version of Splunk® Enterprise Security. For documentation on the most recent version, go to the latest release.

Fixed issues for Splunk Enterprise Security

Splunk Enterprise Security 7.3.1 was released on March 27, 2024. For more information on release dates for the major versions of Splunk Enterprise Security, see Software Support Policy page.

This release includes fixes for the following issues:


Date resolved Issue number Description
2024-03-15 SOLNESS-41634 IR not applying notable_xref filter from generated URL on ES 7.3
2024-03-07 SOLNESS-37062 New drill-down searches in the Correlation Editor can show validation errors if they were saved earlier.
2024-02-16 SOLNESS-36746, SOLNESS-36748 Notable title with non-existent tokens are normalized with "empty strings" in Incident Review page.
2024-02-08 SOLNESS-40719 Time range settings are not saved successfully on the Incident Review page, irrespective of whether the time range is valid or not.
2024-01-31 SOLNESS-32647 Saved searches created in the Content Management page with private settings are not displayed.
2024-01-10 SOLNESS-40127, SOLNESS-40436 Identity Manager with values in the "blacklist" or "blacklist_fields" fields are ignored.
2024-01-09 SOLNESS-40066 The dialog for suppressing notable events does not open after the first suppression is added on the Incident Review page.
2024-01-09 SOLNESS-39996 Unable to export custom Analytic Story from Content Management
2024-01-02 SOLNESS-31600 Using "nobody" as the owner of savedsearches shipped with Splunk Enterprise Security.
2023-12-21 SOLNESS-39507 Updating notable event actions results in the following error: "The update failed: 'list' object has no attribute 'startswith'"
2023-12-20 SOLNESS-39519 Saved filters in the Incident Review page results in a blank page after upgrading to version 7.2.
2023-12-13 SOLNESS-36590 The script 'confcheck_es_bias_language_cleanup' is reported as missing in Splunk Enterprise Security 7.2.0.
Last modified on 06 May, 2024
Release notes for Splunk Enterprise Security   Known issues for Splunk Enterprise Security

This documentation applies to the following versions of Splunk® Enterprise Security: 7.3.1


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters