Splunk Enterprise Security

ES: incident Review is not showing as expected

neelamsantosh
Path Finder

Our incident Review board has different view and not functioning as expected due to which we are unable to filter from the dropdown list

Chrome: up to date (Version 57.0.2987.133 (64-bit))
Splunk Enterprise : 6.5.2
Splunk ES: 4.1
alt text

0 Karma

neelamsantosh
Path Finder

I believe this is known issue SOLNESS-10915. Enterprise Security 4.1 is
not compatible with version 6.5.x of Splunk. It is recommended to upgrade
your Enterprise Security as the workaround for this issue.

http://docs.splunk.com/Documentation/ES/4.1.1/RN/KnownIssues

0 Karma

hardikJsheth
Motivator

I agree with @smoir.

In case you are upgrading from earlier version of ES try to reload the IR page after clearing cache of your browser.

0 Karma

smoir_splunk
Splunk Employee
Splunk Employee

Hello @neelamsantosh,

Make sure you are using a compatible version of Splunk Enterprise with Splunk Enterprise Security.

Check this table for your version of Enterprise Security: http://docs.splunk.com/Documentation/ES/4.6.0/Install/DeploymentPlanning#Splunk_Enterprise_system_re...

Thanks,
Sarah

0 Karma
Register for .conf21 Now! Go Vegas or Go Virtual!

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.