Splunk Security Essentials mitre_overview Not Load...

kprior201_lilly · ‎05-24-2021

I just upgraded my Splunk Security Essentials app from 3.1.1 to 3.3.3. I'm running Splunk Enterprise 8.1.4. When I access the Analytics Advisor / MITRE ATT&CK Framework page, the MITRE ATT&CK Matrix just refuses to load. Has anyone encountered this, and do you have any troubleshooting suggestions?

aasabatini · ‎05-24-2021

Hi @kprior201_lilly

did you try to check the sources again on the security essentials?

“The answer is out there, Neo, and it’s looking for you, and it will find you if you want it to.”

kprior201_lilly · ‎05-25-2021

I just poked around in that screen, but it doesn't seem to be what I'm looking for. Previously, the MITRE matrix loaded just fine; I have content enabled that should reflect here. The rest of the page loads as well; it's just the one matrix that isn't working.

aasabatini · ‎05-25-2021

Hi @kprior201_lilly

what version of security essentials do you have installed?

Can you share a screen of mitre matrix to check the error?

Regards

Alessandro

“The answer is out there, Neo, and it’s looking for you, and it will find you if you want it to.”

kprior201_lilly · ‎05-27-2021

It's version 3.3.3; the screenshot is attached to the original post. It doesn't give an error at all, it just doesn't display the matrix. When I look at the Job Inspector, there aren't any errors, either.

Splunk Security Essentials mitre_overview Not Loading Correctly

dashboard

search

Enterprise Security Content Update (ESCU) | New Releases

Detecting Remote Code Executions With the Splunk Threat Research Team

Observability | Use Synthetic Monitoring for Website Metadata Verification