Splunk® SOAR (On-premises)

Release Notes

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

Known issues for

Release 6.1.1

Date filed Issue number Description
2023-10-18 PSAAS-15086 cluster upgrade failing on DatabaseSchema with 'Failed to apply database migrations'

Workaround:
Contact Splunk Support.
2023-10-06 PSAAS-14969 Update from source control of external repo to pull a new Custom Function also creates a new playbook

Workaround:
To avoid this issue:

When using Update From Source Control, always select Force Update.

If you have already encountered this issue:

You have playbooks you didn't create, with names very similar to the custom function name, like custom_functions/<my_custom_function>.

Do not delete these extra playbooks, because that will also delete the custom function. Delete the Source Control repository and recreate it to remove the extra playbooks.

2023-10-04 PSAAS-14948 "validate parameters" button in action modal says "save" instead
2023-09-20 PSAAS-14855 The migration tool for privileged to unprivileged SOAR does not retain known_hosts file.

Workaround:
If any git repos are failing to sync after an privileged to unprivileged migration, follow the steps in Set up a playbook repository using SSH from

Configure a source control repository for your Splunk SOAR (On-premises) playbooks in Administer Splunk SOAR (On-premises).

These steps will add the git server to the known_hosts file of the phantom user in SOAR.

2023-09-15 PSAAS-14790 The make_cluster_node script fails on new cluster with a PGSQL 15 database.
2023-09-14 PSAAS-14784 SOAR gives a "502 bad gateway" error for all SAML logins if a metadata endpoint fails to respond.
2023-09-08 PSAAS-14740 In App editor, Console output is not visible properly in Dark Theme
2023-09-05 PSAAS-14697, PSAAS-14655 Images are not appearing in action's custom view on SOAR (Cloud) and (On-premises) versions 6.1.1 and higher
2023-08-29 PSAAS-14627 VPE: Code from one utility block might be copied into another utility block in the same playbook

Workaround:
In the Python Playbook Editor of the VPE, manually edit the affected blocks to remove duplicate codes.


To keep track of changes you make, clone the playbook before each edit.

2023-08-21 PSAAS-14504 Freshly installed SOAR cluster doesn't have any phantom_scheduler jobs
2023-07-18 PSAAS-14116 App Editor Console Output has black fonts in dark theme

Workaround:
Use the light theme.
  1. Click your account name on the top right, then select Account Settings.
  2. Select the Light Theme, then select Save Changes.

2023-06-27 PSAAS-13913 Playbook UI Bug Post 6.0.1 - Reconfigure Invalid Data Path

Workaround:
Need to not save the playbook and refresh the page
2023-03-07 PSAAS-12591 artifact labels in datapaths are not universally supported

Workaround:
Use a format block to convert datapath results to strings then use the format block's output as the input to downstream action blocks.
2022-04-08 PSAAS-8541 Unreadable characters sporadically appear in UI

Workaround:
Refresh the browser to reload the page.
Last modified on 16 November, 2023
PREVIOUS
Welcome to Splunk SOAR (On-premises) 6.1.1
  NEXT
Fixed issues for

This documentation applies to the following versions of Splunk® SOAR (On-premises): 6.1.1


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters