Skip to content
  • There are no suggestions because the search field is empty.

Fixed Issues in 11.7.1.2 Release

Fixed Issues in 11.7.1.2 Release

This section lists issues fixed after the last major release. For additional information on fixed issues, see the Fixed Version column in the NetWitness® Platform Known Issues list on NetWitness Community.

Core Services (Broker, Concentrator, Decoder, Archiver) Fixes

  • Tracking Number: ASOC-121157
  • Description: The services will choose a completely utilized file system (configured as Session DB or Meta DB) to write the files even if they have multiple file systems in different partitions. As a result, the Aggregation and Capture of the services are stopped.

  • Tracking Number: ASOC-121269
  • Description: After adding the aggregate services in the Services Config view, the status of the services is displayed as Indexing instead of Online.

  • Tracking Number: ASOC-121150
  • Description: After adding the services in the Aggregate Services list using Trusted Authentication, if you select multiple services at a time in the Services Config view and click Apply, an error is displayed. As a result, the configuration fails.

  • Tracking Number: ASOC-122012
  • Description: When you query the Concentrator and Archiver service for a specific time period in the Investigate > Events page, few sessions are not displayed in the query results. This is due to the gap in the session aggregation.

Administration Fixes

  • Tracking Number: ASOC-121407
  • Description: In the absence of defined Pagination and when there are more number of shovel entries in the Admin > Services(Remote Log Collector) > Config > Local Collectors > Destinations, the log collector service takes more time to load the entries.

  • Tracking Number: ASOC-119777
  • Description: In the Live Content view, when you try to create or deploy any resource type (exceeding a certain size limit) such as Bundle, an error message Error retrieving live resources is displayed. As a result, the resources are not downloaded.

  • Tracking Number:

    ASOC-121279

  • Description:

    After adding the custom metas in the Event Sources (Admin > Event Sources > Manage > Event Sources view > select an Event Source), when you download the .csv file, the latest updated time is not displayed in the asoc-es-elapsedTime column of the file. If the .csv file is downloaded without adding the custom metas, the asoc-es-elapsedTime column displays no results. When you add more Event Sources to the same IP and download the .csv file, the latest updated time is not displayed in the asoc-es-elapsedTime column.


Endpoint Fixes

  • Tracking Number: ASOC-121412
  • Description: NetWitness Endpoint agents in version 11.7 use all the CPU and memory while detecting suspicious threads on Windows 10 and Windows Server 2019.

  • Tracking Number: ASOC-119353
  • Description: The file blocking feature of the Endpoint agent results in the failure of third party software installations even if the file - hashes related to the installer are not blocked.

  • Tracking Number: ASOC-119007
  • Description: Events related to final file rename (when downloaded from the browser) are not reported to endpoint-server as there is no change in the file - hash. As a result, the events are not captured in the Investigate > Events view.

Investigate Fixes

  • Tracking Number: ASOC-122093
  • Description: When you try to load the Investigate > Events tab, an error message Unexpected error loading the list of Brokers, Concentrators, and other services to investigate. This may be due to a configuration or connectivity issue. Try refreshing the page. is displayed. As a result, the services cannot be investigated.

  • Column 1:
  • Column 2: