Splunk App for SOAR Export release notes
Welcome to release 4.3.13
This release of Splunk App for SOAR Export, released on June 5, 2024, includes the following enhancements:
Feature | Description |
---|---|
New email datatype | Added a new CEF data type, email , used in both event forwarding and global field mapping.
|
Updated search API endpoint to version 2 |
Updated from Splunk search API endpoint version 1. |
Increased time to send Adaptive Response Action data | Time allotted increased to 10 minutes, to accommodate sending larger amounts of data. |
Event forwarding: FIPS mode | Splunk App for SOAR Export now uses a call to /services/server/info to check if your Splunk deployment is in FIPS mode. FIPS mode affects the SOAR container and artifact source_data_identifier hashes:
|
Updated libraries | Updated the following libraries:
|
Fixed issues in this release
This version of Splunk App for SOAR Export fixes the following issues:
Date resolved | Issue number | Description |
---|---|---|
2024-05-01 | PAPP-32468 | Failed adaptive response action statuses erroneously display as successful |
2024-03-25 | PAPP-33359 | Improve stability to address missing modules that can cause occasional interruptions |
2024-03-06 | PAPP-15101 | Alert Action config: Account names not replicated across search head cluster |
2024-02-28 | PAPP-33280 | Adaptive Response Action needs more time to send data |
2024-02-14 | PAPP-32614 | If field names mapped, Artifacts tab only needs to display custom mapped field names and not original field names |
Known issues in this release
This version of Splunk App for SOAR Export has the following known issues. If there are no issues listed, there are currently no known issues in this release.
Date filed | Issue number | Description |
---|---|---|
2024-02-23 | PAPP-33268 | Custom search does not populate fields to map |
About Splunk App for SOAR Export |
This documentation applies to the following versions of Splunk® App for SOAR Export: 4.3.13
Feedback submitted, thanks!