This section lists issues fixed after the last major release. For additional information on fixed issues, see the Fixed Version column in the NetWitness Platform XDR Known Issues list on NetWitness Platform XDR Community portal.

Log Collection Fixes

Tracking number Description

After upgrading to, WinRM log collection is interrupted due to the conflict in the internal artifact. As a result, logs are not collected from the WinRM server.

ESM Fixes

Tracking number Description
ASOC-117261 The parser mapping (Event Source Monitoring > Discovery) is not working, and it reverts to ‘None‘ due to Acknowledge tab reverting to NO in every 10 minutes.

Health & Wellness Fixes

Tracking number Description
ASOC-122365 The Hosts section under Health & Wellness > Monitoring doesn’t display the Physical drive, logical drive, and adapter details due to an upgrade of the perccli library to the newer version.

Core services (Broker, Concentrator, Decoder, Archiver) Fixes

Tracking number Description
ASCO-123701 In Events or Investigate section, if parsing any packets of any conversations involving an attachment of MSI type, then it is displayed and gets downloaded as a .docx file.
ASOC-123676 Decoder packet pool gets depleted while parsing HTTP2 session because while parsing HTTP2 headers, Decoder process sometimes hangs when an overly long literal value is present in HTTP2 headers.

Security Fixes

Tracking number Description
ASOC -121942 Security scanner reported that HSTS Security Header (Strict-Transport-Security parameter) missing from HTTPS Response Header on NextGen Core Service Rest Ports/Pages.

Respond Fixes

Tracking number Description
ASOC-123712 Naming pattern issue was observed after upgrading to, and because of that, it was not possible to open an incident in UI. Curly brackets or braces in Alert and Incident rule in Respond being unable to link back to the original event.