Fixed issues in Splunk UBA
This version of Splunk UBA fixes the following issues. If no issues are listed, none have been reported.
| Date resolved | Issue number | Description |
|---|---|---|
| 2024-06-07 | UBA-19004, TEA-983 | Offline model Abnormal_VPN_Session_Model took extra long time to run |
| 2024-05-07 | UBA-18536, UBA-18708 | PBGC - Anomaly type "Multiple Authentications" not displaying device information |
| 2024-05-07 | UBA-18354, UBA-18668 | Powershell command and Device List missing |
| 2024-05-02 | UBA-16617 | Repeated Kafka warning message "Received a PartitionLeaderEpoch assignment for an epoch < latestEpoch. This implies messages have arrived out of order" |
| 2024-05-02 | UBA-16886 | Kubelet unable to fetch container log stats for inactive pods |
| 2024-05-02 | UBA-18039 | Unable to install UBA with 2 networking interfaces |
| 2024-05-02 | UBA-18068 | Vulnerability Mitigation for CVE-2023-44487 |
| 2024-05-02 | UBA-18067 | Ubuntu Vulnerability Mitigation for CVE-2022-1292 |
| 2024-05-02 | UBA-17849 | Multiple offline rules are failing after 5.3.0 upgrade due to AnalysisException: Could not resolve column/field reference |
| 2024-04-15 | UBA-18708, UBA-18536 | Bug in supporting evidence generation for time series based anomaly model |
| 2024-03-22 | UBA-18668, UBA-18354 | Powershell command for "Suspicious Powershell Activity" anomaly is missing in anomaly description |
| 2024-03-05 | UBA-12910 | Splunk Direct - Cloud Storage does not expose src_ip field |
| 2024-02-11 | UBA-13227 | Backend anomaly and custom model names are displayed in Splunk UBA |
| 2023-08-22 | UBA-17734 | UBA 5.3.0 Ubuntu deployments contain Log4j in a dangling Docker image layer |
Last modified on 10 June, 2024
| Known issues in Splunk UBA | Log4j in Splunk UBA 5.4.0 |
This documentation applies to the following versions of Splunk® User Behavior Analytics: 5.4.0
Download manual
Feedback submitted, thanks!