Release notes for
Version 1.0.0 of was released on July 12, 2021.
1.0.0 is compatible with Splunk Enterprise Cloud version 8.2.2104.
The following are known issues for Splunk Security Analytics for AWS.
|Date filed||Issue number||Description|
|22/Jun/21||MUS-148||The Impossible Travel dashboard panel display is misleading. When you view the panel at Cloud Security > Microsoft 365 > Active Directory > Impossible Travel, you expect to see the "top 100" impossible travel events from a set of all impossible travel events. Instead, the panel shows impossible travel events in the "top 100" events where "Operation=UserLoggedIn".|
|n/a||n/a||When data onboarding is finished, EC2 events might not show up immediately in the |
|n/a||n/a||From the menu bar, the first time you navigate to Security Posture you see Health Check warning messages, such as "The server does not meet the recommended minimum system requirements." The check runs the first time you click Security Posture but is not relevant to the beta environment. If you delete the messages, you do not see them on subsequent visits to the Security Posture dashboard.|
|n/a||n/a||In the Security Posture dashboard, the panels for Aggregate System Risk and Aggregate User Risk do not immediately populate with data. You might see a blank panel with the message "Failed to Update" instead. If you hover over the message, you can see errors for the reasons:
Share usage data with Splunk
This documentation applies to the following versions of Splunk® Security Analytics for AWS: 1.0.0