The documentation for Splunk Enterprise Security versions 8.0 and higher have been rearchitected from previous versions, causing some links to have redirect errors. To resolve redirect errors, you must use the version selector on the ES documentation homepage to navigate between the versions.
Fixed issues
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-03-24 | SOLNESS-48316, SOLNESS-48522 | Max_size Error for Threat Input Source : Feed Discarded Despite Adjusted Settings |
| 2025-02-20 | SOLNESS-49522 | Findings can be created even if the entity entered in the UI doesn't match the fields in the search. |
| 2025-01-28 | SOLNESS-44263, SOLNESS-44278 | No validation on Config-> General Settings -> Analyst capacity |
| 2024-10-25 | SOLNESS-47267, BLUERIDGE-12937 | Spunk ES Post install configuration page has references to correlation search, Notable, Risk |
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-03-20 | BLUERIDGE-15547 | Records of findings are not visible in an investigation after 30 days. |
| 2025-03-07 | BLUERIDGE-15280 | Summary fields not rendered on Investigations Overview |
| 2025-02-12 | BLUERIDGE-13425, BLUERIDGE-13006 | Field is getting duplicated on every search operation in Table settings modal |
| 2025-02-10 | BLUERIDGE-13528 | Multiple workflow field actions can be opened on the investigation details page |
| 2025-01-24 | BLUERIDGE-13981 | "Reviewer" field is incorrectly set to "splunk-system-user" in _audit index f |
See also
For fixed issues in Splunk SOAR (Cloud), see Fixed issues for Splunk SOAR (Cloud).
Last modified on 24 March, 2025
| Release notes for Splunk Enterprise Security | Known issues |
This documentation applies to the following versions of Splunk® Enterprise Security: 8.0.3
Download manual
Feedback submitted, thanks!