Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

RN 11.2.1.2: Fixed Issues

Document created by RSA Information Design and Development on Jul 30, 2019•Last modified by RSA Information Design and Development on Jul 31, 2019

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Fixed Issues

This section lists issues fixed in NetWitness Platform 11.2.1.2.

Server Fixes

Tracking Number	Description
SACE-10917	Line breaks are not displayed in the Login banner.
ASOC-67123	When the Event Source Manage groups have the Idle time condition defined, alarms are not generated.

Investigate Fixes

Tracking Number	Description
SACE-9738	In the Respond > Alerts view, when you click the Pivot to Investigate option for an IP address, no results are displayed on the Navigate view because the orig_ip meta is given without quotes and the query fails.
SACE-10668	You cannot query using IP address in the Event Analysis view as it is not supported.
SACE-10148	When you query for a session in the File view, Unable to create temporary file /tmp/…… error message is displayed and you will not be able to download the file.
SACE-10734	Meta value with escape sequence is truncated.
SACE-11436	ThreatExpert Search link is broken on the Investigation External Lookup.
ASOC-73008	When you Pivot to Investigate from the dashboard using an IP address, an error message is displayed due to an improper query.

Core Fixes

Core Services include Broker, Concentrator, Decoder, and Log Decoder.

Tracking Number	Description
SACE-10351	Custom index file is not updated when it is pushed from one server to the other.
SACE-11260	Log Decoder service crashes with VALUEMAP and REGEX custom parsers.
ASOC-69957	GeoIP parser meta formats are not consistent across Decoder language and Maxmind database.
ASOC-73054	When you search any string using msearch, it displays an unexpected error.
ASOC-73238	CEF parser removes backslash (\) character.
ASOC-75006	Syslog Octet counting protocol logic stops Log Decoder.
ASOC-78912	NetWitness appliance service crashes with SIGABRT during service monitoring on the Log Decoder.

Admin Fixes

Tracking Number	Description
SACE-10992	Recurring custom feed is not updating Decoders when you select a Decoder Group List.
SACE-10682	On the Event Source Monitoring tab, if you sort by ascending or descending order, the Idle time column is not sorted.
SACE-11478	Unable to edit core attributes of an Active Directory user.
ASOC-79402	When you change the value of the Schedule Recurrence for the Respond datasource in the ContextHub configuration, it is not saved.
ASOC-76477	Unable to log in to the Active Directory using UserPrincipalName.

Windows Collector Fixes

Tracking Number	Description
ASOC-75636	Windows Legacy Collector pulls limited logs from certain event sources.

Archiver Fixes

Tracking Number	Description
SACE-10744	Unable to push index-archiver-custom.xml from one Archiver to other Archiver services.
SACE-10835	In the Archiver configuration, when you try to include any meta on the Meta Include tab, the default meta key word gets added automatically. If you remove this meta selection and click Apply, the word meta is not removed.
ASOC-75691	Unable to view event.time and event.user meta in the Archiver > View > Config > General tab.

Upgrade Fixes

Tracking Number	Description
ASOC-78279	After updating to 11.2.1.1, Reporting Engine restarts multiple times.
ASOC-78205	After updating to 11.2.1, Broker service on Malware appliance crashes.
ASOC-75542	After updating to 11.2, Active Directory user authentication fails intermittently.

Previous Topic:Release Notes

Next Topic:Build Numbers

You are here

Table of Contents > Release Notes > Fixed Issues

Attachments

Outcomes

0 Comments

Recommended Content

Incoming Links