Splunk Enterprise Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

ES 6.2 Incident Review jumps to the top when selecting notable events

momomok
Loves-to-Learn
‎09-05-2021 08:50 PM

Hi,

Ever since upgrading to ES 6.2, there has been a problem bugging our team.

Whenever we select one of the notable events in Incident Review dashboard, the screen would jump to the top. The workaround is to zoom out enough so all notable events show in one screen, but it is suboptimal. Our operator team now either spends lots of time scrolling, or risks selecting wrong notable event for processing. We have tried to provision a new standalone Splunk instance in our environment as a testing (Splunk 8.1.5 + ES6.2), but it is the same.

I didn't seem to find anyone talking about this in the community and also no mentioning of this bug under known issues section in the release notes.

Is there any fix for this apart from upgrading to ES 6.4?

0 Karma
Reply
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...