This section lists issues fixed after the last major release. For additional information on fixed issues, see the Fixed Version column in the NetWitness Platform XDR Known Issues list on NetWitness Platform XDR Community portal.
Log Collection Fixes
After upgrading to 18.104.22.168, WinRM log collection is interrupted due to the conflict in the internal artifact. As a result, logs are not collected from the WinRM server.
||The parser mapping (Event Source Monitoring > Discovery) is not working, and it reverts to ‘None‘ due to Acknowledge tab reverting to NO in every 10 minutes.
Health & Wellness Fixes
||The Hosts section under Health & Wellness > Monitoring doesn’t display the Physical drive, logical drive, and adapter details due to an upgrade of the perccli library to the newer version.
Core services (Broker, Concentrator, Decoder, Archiver) Fixes
||In Events or Investigate section, if parsing any packets of any conversations involving an attachment of MSI type, then it is displayed and gets downloaded as a .docx file.
||Decoder packet pool gets depleted while parsing HTTP2 session because while parsing HTTP2 headers, Decoder process sometimes hangs when an overly long literal value is present in HTTP2 headers.
||Security scanner reported that HSTS Security Header (Strict-Transport-Security parameter) missing from HTTPS Response Header on NextGen Core Service Rest Ports/Pages.
||Naming pattern issue was observed after upgrading to 22.214.171.124, and because of that, it was not possible to open an incident in UI. Curly brackets or braces in Alert and Incident rule in Respond being unable to link back to the original event.