Splunk® Enterprise

Release Notes

Download manual as PDF

Splunk Enterprise version 7.2 will no longer be supported as of April 30, 2021. See the Splunk Software Support Policy for details. For information about upgrading to a supported version, see How to upgrade Splunk Enterprise.
This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
Download topic as PDF

Fixed issues

Splunk Enterprise 7.2.0 was released on October 2, 2018. This release includes fixes for the following issues.

Issues are listed in all relevant sections. Some issues might appear more than once. To check for additional security issues related to this release, visit the Splunk Security Portal.

Highlighted issues

Date filed Issue number Description
2018-08-29 SPL-159442, SPL-156444 Searches in 7.1.x may take considerably more memory than with 7.0.x or earlier. This applies particularly to searches that search and/or return a large result set. Due to search speed performance improvements some memory usage increase is expected with 7.1.x and later even after this issue is fixed.

Highlighted issues

Date resolved Issue number Description
2018-07-12 SPL-146352, SPL-156438, SPL-156439, SPL-156440, SPL-156441 LDAP reload can severely delay remote app deployment, need app reload metrics to improve diagnosability.

Uncategorized issues

Date resolved Issue number Description
2019-01-23 SPL-160037, FAST-11458, SPL-160858, SPL-160859, SPL-160860, INFRA-5076 Windows 2016 Standard blocked Splunk Enterprise 7.1.3 installation on a VM with BIOS UEFI mode enabled + Secure Boot enabled due to "A digitally signed driver is required"
2018-10-25 SPL-156817 HEC json file give "Invalid data format" on 7.x versions with event sizes greater than 512kb
2018-08-21 SPL-151328, SPL-141808 (Windows Only) Support sslRootCAPath on Windows
2018-08-21 SPL-158931, SPL-160031, SPL-156983, SPL-158938, SPL-160030 Suppress introspection errors from bulletin board on Cloud instances
2018-08-21 SPL-159051, SPL-146261 Search Assistant executes subsearches incurring subsearch side effects and increased CPU and memory usage
2018-08-16 SPL-156996, SPL-154144 CPU Cores Not Calculated Properly or Correctly
2018-08-14 SPL-155772, SPL-157897, SPL-157899 SEDCMD not working for long characters
2018-08-10 SPL-157243, SPL-158583, SPL-158584 Inability to disable UI warnings in messages.conf renders disabling the scheduler impractical.
2018-08-09 SPL-147249 Inputlookup for lookup with space in the filename fails with "Invalid argument: ..." with search optimization enabled
2018-08-08 SPL-154879, SPL-148553 Geostats generates blank map using fieldColors when emailed PDF dashboard
2018-08-01 SPL-157745, SPL-158142 Lengthy login_content messages run off login window
2018-08-01 SPL-156205, SPL-154378 Splunk Introspection mem_used misreporting very high values "17592186044029.098"
2018-07-31 SPL-154660, SPL-156690 KVStore can't start correctly because of MongoDB multikey index limits, no splunk doc mention this, doc update only
2018-07-31 SPL-153699, SPL-158098, SPL-158118, SPL-158120, SPL-155646 Indexer message/slowness after splunk 7 upgrade and possibly reducing indexer capacity to half.
2018-07-31 SPL-157530, SPL-157436 404 Error: quality_of_incoming_data
2018-07-31 SPL-155646, SPL-153699 Indexer Processor thread should attempt to free up the slots to run splunk-optimize
2018-07-31 SPL-157795, SPL-157342 Prebuilt panels text in an app are not extracted for localization when using "splunk extract i18n -app <appname>" command
2018-07-31 SPL-156690, SPL-154660 KVStore can't start correctly because of MongoDB multikey index limits, no splunk doc mention this, doc change only
2018-07-26 SPL-155000, SPL-152888 Chunks of summary index data are routed to the wrong index when queues are blocked
2018-07-26 SPL-147638, SPL-157922, SPL-157923 Splunkd crashes when HEC inputs configuration contains duplicated tokens
2018-07-24 SPL-142942 splunk-powershell.ps1 gets stuck in EndInvoke call when an exception is encountered
2018-07-19 SPL-157319, SPL-156315 After upgrade to 7.x, HEC events greater than 512KB are dropped with parsing errors, resulting in degrade of indexing throughput
2018-07-15 SPL-156193, SPL-153174 Request for better messaging for "Duplicated License situation happen on peer ..."
2018-06-29 SPL-155351, SPL-155035 Splunk Fowarders splunkd process stopping - Crashing thread: HttpClientPollingThread
2018-06-29 SPL-154752, SPL-147803 License master incorrectly calculate the daily license usage and that impact new data input.
2018-06-28 SPL-155716, SPL-155427 CIM Setup page is showing single line because of Indexes.js collection not executing callbacks
2018-05-31 SPL-154018, SPL-154062, SPL-155385, SPL-157142 Splunkd looks for default openssl cert file under build path
2018-05-23 SPL-153958, SPL-153724, SPL-154459 mcollect should check index permissions for the index that it is trying to write to.
2018-05-21 SPL-152084, SPL-153333, SPL-153334, SPL-159597 S2S: clientCert required in outputs.conf on SSL client although requireClientCent=false set on SSL server
2018-05-16 SPL-154139, SPL-154567 embedded report uses oldest search artifact from the history endpoint
2018-05-09 SPL-152887, SPL-154366, SPL-154367 Color Range Feature coupled with real-time search causes the colors to flicker when updating
2018-05-09 SPL-151896, SPL-145371 Bulletin board message timestamp incorrect on SHC members
2018-05-09 SPL-153916, SPL-153668 When exporting to PDF one particular IP Address generates an error while others work
2018-05-03 SPL-153011, SPL-154129, SPL-154130 HTML entity name appears in Tour dialog if username contains &,<,>,",'
2018-04-27 SPL-151228, SPL-153934, SPL-153935, SPL-153937 Add suppression state file listing to splunk diag.
2018-04-13 SPL-153047, SPL-145043 Too long of a dashboard title throws nondescript error message,
2018-04-02 SPL-135274, SPL-151304, SPL-151306, SPL-151307, SPL-152244 search assistant incorrectly wrapping kv pairs in quotes
2018-03-29 SPL-147956, SPL-152814, SPL-153081 mstats not returning results if tmp folder does not exist.
2018-03-28 SPL-145094, SPL-153078, SPL-153079, SPL-153080, SPL-153082 introspection: IOStats read incorrect if more than one partition created on one physical drive
2018-03-27 SPL-151132, SPL-152435, SPL-152437, SPL-152438 PDF export broken with SimpleXML <init> TAG
2018-03-13 SPL-148815, SPL-151755, SPL-155093 Mistranslation of "Product Tour" > "Add Data Tour" in Japanese
Last modified on 28 September, 2020
PREVIOUS
Timestamp recognition of dates with two-digit years fails beginning January 1, 2020
  NEXT
Deprecated features

This documentation applies to the following versions of Splunk® Enterprise: 7.2.0


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters