This documentation does not apply to the most recent version of Splunk® Phantom (Legacy).
For documentation on the most recent version, go to the latest release.
Fixed issues in this release of Splunk Phantom
Splunk Phantom 4.10 was released on December 9, 2020. This release addresses security issues, Section 508 Amendment to the Rehabilitation Act of 1973 compliance issues, and includes fixes for the following issues.
| Date resolved | Issue number | Description |
|---|---|---|
| 2020-10-19 | PPS-9736 | Many REST API endpoints return text/javascript content_type headers instead of application/json |
| 2020-08-17 | PPS-17004 | Hashicorp vault token saved incorrectly. |
| 2020-07-10 | PPS-17409 | Investigations Timeline: zooming in/out timeline scrolls entire page in Firefox |
| 2020-10-31 | PPS-20023 | Proxy server settings are not applied after OS reboot. |
| 2020-11-20 | PPS-21202 | Phantom Events Resolved In Executive Report - automated closed vs manually closed appear incorrect |
| 2020-10-13 | PPS-21286 | Backup & Restore: Unprivileged cluster restoration onto unprivileged standalone instance and vice versa does not work |
| 2020-10-26 | PPS-21548 | Unprivileged upgrade process does not take into account updated configuration files |
| 2020-06-03 | PPS-21628 | RPM Installer: Shouldn't install on incorrect OS, Red Hat RPM on Centos, vice-versa |
| 2020-08-26 | PPS-22080 | Using special characters in the postgres replicator role password causes warm standby setup to fail. |
| 2020-11-16 | PPS-22144 | Playbook debug statements alter arguments from type unicode to str |
| 2020-08-13 | PPS-22184 | ibackup.pyc (specifically extdb_backup_bootstrap.pyc) overwrites SSH keys for postgres user at /var/lib/pgsql/.ssh/ |
| 2020-07-21 | PPS-23649 | Artifact detail is not updated automatically |
| 2020-11-13 | PPS-23659 | Add to Case: some specific search queries not returning expected result in modal |
| 2020-07-31 | PPS-23664 | Custom Search Index: Directions after removing the index is not accurate. |
| 2020-07-08 | PPS-23674 | The dropdown styles in the Create Report Modal look like they are in the disabled state. |
| 2020-08-10 | PPS-23743 | Backup and Restore: Cluster restore fails if DB password contains special characters |
| 2020-11-06 | PPS-23786 | Make Cluster Node fails when validating pgbouncer user/pwd: PostgresError: /etc/profile.d/tmout.sh: line 1: |
| 2020-08-13 | PPS-23886 | make_cluster_node.pyc fails on Splunk Cloud validating HEC token. |
| 2020-06-23 | PPS-24009 | Playbook API: Exception in condition() |
| 2020-11-17 | PPS-24100 | The phantom.update API mutates the container object with incompatible formats and key/value pairs |
| 2020-11-12 | PPS-24103 | "Failed to validate python in playbook" because of updated python-ldap module |
| 2020-11-12 | PPS-24116 | Cannot save a playbook if websocket connection is down |
| 2020-10-20 | PPS-24153 | Custom list editor only displays a maximum of 11-12 rows on-screen |
| 2020-08-31 | PPS-24251 | Chrome: NVDA Element not accessible via keyboard and does not receive focus. |
| 2020-08-20 | PPS-24252 | Chrome: NVDA AT unable to access list items on dashboard/home drop down list |
| 2020-11-04 | PPS-24269 | App activities no longer log to app_install.log |
| 2020-11-20 | PPS-24172 | API: phantom.decision() returns incorrect result when 3 conditions use AND; 1 condition without overlap result |
| 2020-08-21 | PPS-24278 | Chrome/JAWS AT unable to access the Next button in the pop up window |
| 2020-11-04 | PPS-24287 | Cannot add a playbooks with tenant to workbook |
| 2020-11-23 | PPS-24586 | App install fails with "permission denied" error when the app has an existing state file. |
| 2020-10-15 | PPS-24633 | Analyst Queue table titles should be keyboard accessible |
| 2020-10-08 | PPS-24671 | Unable to keyboard navigate through the Task column options |
| 2020-10-28 | PPS-24674 | delete_containers.pyc ForeignKeyViolation error "workflow_phase" |
| 2020-10-13 | PPS-24678 | Playbooks and Actions are not accessible under Guidance tab in Analyst view of the sources page |
| 2020-10-20 | PPS-24696 | Activity tab accessibility issues |
| 2020-10-13 | PPS-24734 | Investigation page: Action Run Modal inputs are not 508 compliant. |
| 2020-10-16 | PPS-24739 | Unable to keyboard navigate to elements in INVESTIGATION event page |
| 2020-11-01 | PPS-24740 | Incident details partially shown after tabbing through the collapse/expand button |
| 2020-10-14 | PPS-24749 | Guidance Tab actions cannot be interacted with via keyboard enter |
| 2020-10-29 | PPS-24789 | ibackup fails with "Command 'du -s --block-size=1 /opt/phantom/data/db/pg_xlog' returned non-zero exit status 1" |
| 2020-10-30 | PPS-24814 | JAWS unable to access table header dropdowns in Analyst Queue |
| 2020-11-17 | PPS-24981 | Field create_time in Phantom is used as _time during Splunk indexing, when update_time is more appropriate |
| 2020-11-23 | PPS-25028 | Deleting containers causes embedded Splunk Enterprise to consume excessive cpu. "add_to_searchindex" causes high memory usage. |
| 2020-11-24 | PPS-25036 | Splunk Phantom 4.9: timestamps removed from entries in add-es-index-stdout.log |
| 2020-12-02 | PPS-25056 | Importing a playbook with a Custom Function block from a different repo shows a warning when editing |
| 2020-12-01 | PPS-25083 | A Custom Function's associated playbook info does not show if the playbook and the custom function are in different repos |
| 2020-12-03 | PPS-25161 | Duo Auth setup cannot be completed due to test connection failure |
Last modified on 18 August, 2021
| Known issues in this release of Splunk Phantom | Get help for Splunk Phantom |
This documentation applies to the following versions of Splunk® Phantom (Legacy): 4.10
Download manual
Feedback submitted, thanks!