The documentation for Splunk Enterprise Security versions 8.0 and higher have been rearchitected from previous versions, causing some links to have redirect errors. For documentation on versions 7.x and earlier, see Splunk Enterprise Security 7.x documentation.
This documentation does not apply to the most recent version of Splunk® Enterprise Security.
For documentation on the most recent version, go to the latest release.
Fixed Issues
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-01-06 | SOLNESS-48006, SOLNESS-47293 | D for 8.1.0 Fix - Correlation searches "Threat Activity - Systems Impacted By Multiple Threats" and "Threat Activity - Threats Impacting Multiple Systems" were impacted since modifications to threat match searches updated a field. |
| 2024-12-23 | SOLNESS-47313, SOLNESS-43069, SOLNESS-49305 | Incident Review page breaks after Splunk Core upgrade to Python 3.9 module 'time' has no attribute |
| 2024-10-08 | SOLNESS-47142, SOLNESS-47220 | New FBD based findings are being added to a "closed" finding group |
| 2024-10-08 | SOLNESS-47139 | FBD based findings are bumped to the top of AQ after every FBD detection is run |
| 2024-09-24 | SOLNESS-47014, BLUERIDGE-10148 | When manually creating finding - Detection Name is "Manual Notable Event - Rule" |
| 2024-09-13 | SOLNESS-46276, SOLNESS-47314 | Create Notables page only displays error: Cannot read properties of undefined (reading 'value') |
| 2024-08-26 | SOLNESS-44220, SOLNESS-47293 | Correlation searches "Threat Activity - Systems Impacted By Multiple Threats" and "Threat Activity - Threats Impacting Multiple Systems" were impacted since modifications to threat match searches updated a field. |
| 2024-08-19 | SOLNESS-43404, SOLNESS-46942, SOLNESS-47332 | 3460846 - New lines and special characters no longer appearing correctly in notable event Next Steps |
| 2024-08-08 | SOLNESS-42110 | "Something went wrong" error in Risk Analysis Dashboard |
| 2024-07-17 | SOLNESS-44061, SOLNESS-47289 | Threat Intelligence |
| 2024-07-05 | SOLNESS-44563, SOLNESS-47320 | Displays "Action Forbidden" errors in the Security Posture dashboard for SAML authenticated users. |
| 2024-05-20 | SOLNESS-43458, SOLNESS-47295 | Notable Event Suppression Descriptions not saving after entering illegal characters in title name |
| 2024-05-17 | SOLNESS-43753 | Fix Clone dashboard bug for sharing cloned dashboard by role sc_admin on CO2 |
| 2024-05-16 | SOLNESS-43210 | notable adaptive response action - "Next Steps" - URL action is not properly redirecting with multiple query parameters. |
| 2024-04-09 | SOLNESS-32865 | Upgrade "All Investigations" list in Investigation bar uses React instead of the "swc bootstrap" dropdown. |
| Date resolved | Issue number | Description |
|---|---|---|
| 2024-09-27 | BLUERIDGE-9640 | Notes section on Side Panel adds audit trail |
| 2024-09-17 | BLUERIDGE-11375 | After upgrading to Mission Control 3.1.1 and Enterprise Security 8.0, the menu bar in Enterprise Security doesn't update |
| 2024-09-17 | BLUERIDGE-12328, BLUERIDGE-12350 | Side panel allows you to save an empty note, despite error message |
| 2024-09-06 | BLUERIDGE-5577, BLUERIDGE-5403 | Note username should be user that last edited the note |
| 2024-09-04 | BLUERIDGE-11073, BLUERIDGE-11758 | Workflow actions are not able to be used correctly from within the incident review dashboard with multi value fields |
| 2024-09-04 | BLUERIDGE-10257 | Resize icon not showing on side panel if user scrolls down significantly |
| 2024-08-28 | BLUERIDGE-12033 | Notes in Side Panel are difficult to use when truncated |
See also
For fixed issues in Splunk SOAR (Cloud), see Fixed issues for Splunk SOAR (Cloud).
Last modified on 11 February, 2025
| Release notes for Splunk Enterprise Security | Known Issues |
This documentation applies to the following versions of Splunk® Enterprise Security: 8.0.0
Download manual
Feedback submitted, thanks!