Fixed Issues
Version 8.0.40
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-04-01 | BLUERIDGE-15507 | Pairing errors "Invalid credentials" even after being provided credentials |
| 2025-03-27 | BLUERIDGE-15508 | Users cannot search with SPL in AQ Search Bar |
| 2025-03-27 | BLUERIDGE-15562 | The Investigation Overview page does not show investigation data when all findings are deleted from the investigation. |
Version 8.0.31
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-04-16 | SOLNESS-50442, SOLNESS-49939 | Risk values assigned to fields in a detection overwrites risk values assigned using SPL in the same detection. |
Version 8.0.3
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-02-20 | SOLNESS-49522 | Findings can be created even if the entity entered in the UI doesn't match the fields in the search. |
| 2025-01-28 | SOLNESS-44263 | No validation on Config-> General Settings -> Analyst capacity |
| 2024-10-25 | SOLNESS-47267, BLUERIDGE-12937 | Spunk ES Post install configuration page has references to correlation search, Notable, Risk |
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-03-20 | BLUERIDGE-15547 | Records of findings are not visible in an investigation after 30 days. |
| 2025-03-07 | BLUERIDGE-15280 | Summary fields not rendered on Investigations Overview |
| 2025-02-12 | BLUERIDGE-13425, BLUERIDGE-13006 | Field is getting duplicated on every search operation in Table settings modal |
| 2025-02-10 | BLUERIDGE-13528 | Multiple workflow field actions can be opened on the investigation details page |
| 2025-01-24 | BLUERIDGE-13981 | "Reviewer" field is incorrectly set to "splunk-system-user" in _audit index f |
Version 8.0.2
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-01-08 | SOLNESS-47969, SOLNESS-47700, SOLNESS-48285 | CMP SHC - Assign Risk section for OOTB ES EBDs missing Assign Risk risk modifier values |
Version 8.0.1
| Date resolved | Issue number | Description |
|---|---|---|
| 2024-11-06 | SOLNESS-47686 | Square brackets fail on CMS Parsing |
| 2024-11-05 | SOLNESS-46727 | Capability tag_notable_events(associated with ES component "Tag Notable Events") is not added to any roles on ES search head |
| 2024-10-29 | SOLNESS-46669 | Threat Intel data retention issues |
| 2024-10-25 | SOLNESS-47267, BLUERIDGE-12937 | Spunk ES Post install configuration page has references to correlation search, Notable, Risk |
| 2024-10-23 | SOLNESS-45992, SOLNESS-48049 | Threat intelligence feed facing download issues with POST configuration errors |
| Date resolved | Issue number | Description |
|---|---|---|
| 2024-11-06 | BLUERIDGE-12950 | Pagination is sometimes not visible on the Analyst Queue due to findings on other pages being selected |
| 2024-11-04 | BLUERIDGE-11468, SOLNESS-40830, BLUERIDGE-13359 | The "Top Notable Events" panel on the Security Posture dashboard doesn't properly link to the Analyst Queue (the filter for "rule name" is not properly applied) |
| 2024-11-04 | BLUERIDGE-11658 | Analyst Queue doesn't always recover from a search error and instead shows a spinner (implying the search is still running) |
| 2024-11-04 | BLUERIDGE-13304 | ID appears to change when loading the Response Plan on a duplicate Investigation |
| 2024-10-31 | BLUERIDGE-12593 | Saving a note before image upload completes breaks the image preview and does not successfully upload the image |
| 2024-10-29 | BLUERIDGE-13191, BLUERIDGE-13185 | Add a check to see if mc_investigations is ready for convert_pre_es_convergence_incidents_mod_input |
Version 8.0.0
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-01-06 | SOLNESS-48006, SOLNESS-47293 | D for 8.1.0 Fix - Correlation searches "Threat Activity - Systems Impacted By Multiple Threats" and "Threat Activity - Threats Impacting Multiple Systems" were impacted since modifications to threat match searches updated a field. |
| 2024-12-23 | SOLNESS-47313, SOLNESS-43069, SOLNESS-49305 | Incident Review page breaks after Splunk Core upgrade to Python 3.9 module 'time' has no attribute |
| 2024-10-08 | SOLNESS-47142, SOLNESS-47220 | New FBD based findings are being added to a "closed" finding group |
| 2024-10-08 | SOLNESS-47139 | FBD based findings are bumped to the top of AQ after every FBD detection is run |
| 2024-09-24 | SOLNESS-47014, BLUERIDGE-10148 | When manually creating finding - Detection Name is "Manual Notable Event - Rule" |
| 2024-09-13 | SOLNESS-46276, SOLNESS-47314 | Create Notables page only displays error: Cannot read properties of undefined (reading 'value') |
| 2024-08-26 | SOLNESS-44220, SOLNESS-47293 | Correlation searches "Threat Activity - Systems Impacted By Multiple Threats" and "Threat Activity - Threats Impacting Multiple Systems" were impacted since modifications to threat match searches updated a field. |
| 2024-08-19 | SOLNESS-43404, SOLNESS-46942, SOLNESS-47332 | 3460846 - New lines and special characters no longer appearing correctly in notable event Next Steps |
| 2024-08-08 | SOLNESS-42110 | "Something went wrong" error in Risk Analysis Dashboard |
| 2024-07-17 | SOLNESS-44061, SOLNESS-47289 | Threat Intelligence |
| 2024-07-05 | SOLNESS-44563, SOLNESS-47320 | Displays "Action Forbidden" errors in the Security Posture dashboard for SAML authenticated users. |
| 2024-05-20 | SOLNESS-43458, SOLNESS-47295 | Notable Event Suppression Descriptions not saving after entering illegal characters in title name |
| 2024-05-17 | SOLNESS-43753 | Fix Clone dashboard bug for sharing cloned dashboard by role sc_admin on CO2 |
| 2024-05-16 | SOLNESS-43210 | notable adaptive response action - "Next Steps" - URL action is not properly redirecting with multiple query parameters. |
| 2024-04-09 | SOLNESS-32865 | Upgrade "All Investigations" list in Investigation bar uses React instead of the "swc bootstrap" dropdown. |
| Date resolved | Issue number | Description |
|---|---|---|
| 2024-09-27 | BLUERIDGE-9640 | Notes section on Side Panel adds audit trail |
| 2024-09-17 | BLUERIDGE-11375 | After upgrading to Mission Control 3.1.1 and Enterprise Security 8.0, the menu bar in Enterprise Security doesn't update |
| 2024-09-17 | BLUERIDGE-12328, BLUERIDGE-12350 | Side panel allows you to save an empty note, despite error message |
| 2024-09-06 | BLUERIDGE-5577, BLUERIDGE-5403 | Note username should be user that last edited the note |
| 2024-09-04 | BLUERIDGE-11073, BLUERIDGE-11758 | Workflow actions are not able to be used correctly from within the incident review dashboard with multi value fields |
| 2024-09-04 | BLUERIDGE-10257 | Resize icon not showing on side panel if user scrolls down significantly |
| 2024-08-28 | BLUERIDGE-12033 | Notes in Side Panel are difficult to use when truncated |
Version 8.0.1
| Date resolved | Issue number | Description |
|---|---|---|
| 2024-11-06 | SOLNESS-47686 | Square brackets fail on CMS Parsing |
| 2024-11-05 | SOLNESS-46727 | Capability tag_notable_events(associated with ES component "Tag Notable Events") is not added to any roles on ES search head |
| 2024-10-29 | SOLNESS-46669 | Threat Intel data retention issues |
| 2024-10-25 | SOLNESS-47267, BLUERIDGE-12937 | Spunk ES Post install configuration page has references to correlation search, Notable, Risk |
| 2024-10-23 | SOLNESS-45992, SOLNESS-48049 | Threat intelligence feed facing download issues with POST configuration errors |
| Date resolved | Issue number | Description |
|---|---|---|
| 2024-11-06 | BLUERIDGE-12950 | Pagination is sometimes not visible on the Analyst Queue due to findings on other pages being selected |
| 2024-11-04 | BLUERIDGE-11468, SOLNESS-40830, BLUERIDGE-13359 | The "Top Notable Events" panel on the Security Posture dashboard doesn't properly link to the Analyst Queue (the filter for "rule name" is not properly applied) |
| 2024-11-04 | BLUERIDGE-11658 | Analyst Queue doesn't always recover from a search error and instead shows a spinner (implying the search is still running) |
| 2024-11-04 | BLUERIDGE-13304 | ID appears to change when loading the Response Plan on a duplicate Investigation |
| 2024-10-31 | BLUERIDGE-12593 | Saving a note before image upload completes breaks the image preview and does not successfully upload the image |
| 2024-10-29 | BLUERIDGE-13191, BLUERIDGE-13185 | Add a check to see if mc_investigations is ready for convert_pre_es_convergence_incidents_mod_input |
Version 8.0.2
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-01-08 | SOLNESS-47969, SOLNESS-47700, SOLNESS-48285 | CMP SHC - Assign Risk section for OOTB ES EBDs missing Assign Risk risk modifier values |
Version 8.0.3
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-02-20 | SOLNESS-49522 | Findings can be created even if the entity entered in the UI doesn't match the fields in the search. |
| 2025-01-28 | SOLNESS-44263 | No validation on Config-> General Settings -> Analyst capacity |
| 2024-10-25 | SOLNESS-47267, BLUERIDGE-12937 | Spunk ES Post install configuration page has references to correlation search, Notable, Risk |
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-03-20 | BLUERIDGE-15547 | Records of findings are not visible in an investigation after 30 days. |
| 2025-03-07 | BLUERIDGE-15280 | Summary fields not rendered on Investigations Overview |
| 2025-02-12 | BLUERIDGE-13425, BLUERIDGE-13006 | Field is getting duplicated on every search operation in Table settings modal |
| 2025-02-10 | BLUERIDGE-13528 | Multiple workflow field actions can be opened on the investigation details page |
| 2025-01-24 | BLUERIDGE-13981 | "Reviewer" field is incorrectly set to "splunk-system-user" in _audit index f |
Version 8.0.31
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-04-16 | SOLNESS-50442, SOLNESS-49939 | Risk values assigned to fields in a detection overwrites risk values assigned using SPL in the same detection. |
Version 8.0.40
| Date resolved | Issue number | Description |
|---|---|---|
| 2025-04-01 | BLUERIDGE-15507 | Pairing errors "Invalid credentials" even after being provided credentials |
| 2025-03-27 | BLUERIDGE-15508 | Users cannot search with SPL in AQ Search Bar |
| 2025-03-27 | BLUERIDGE-15562 | The Investigation Overview page does not show investigation data when all findings are deleted from the investigation. |
See also
For fixed issues in Splunk SOAR (Cloud), see Fixed issues for Splunk SOAR (Cloud).