This section lists issues fixed after the last major release. For additional information on fixed issues, see the Fixed Version column in the NetWitness® Platform Known Issues list on NetWitness Community.
|ASOC-121157||The services will choose a completely utilized file system (configured as Session DB or Meta DB) to write the files even if they have multiple file systems in different partitions. As a result, the Aggregation and Capture of the services are stopped.|
|ASOC-121269||After adding the aggregate services in the Services Config view, the status of the services is displayed as Indexing instead of Online.|
|ASOC-121150||After adding the services in the Aggregate Services list using Trusted Authentication, if you select multiple services at a time in the Services Config view and click Apply, an error is displayed. As a result, the configuration fails.|
|ASOC-122012||When you query the Concentrator and Archiver service for a specific time period in the Investigate > Events page, few sessions are not displayed in the query results. This is due to the gap in the session aggregation.|
|ASOC-121407||In the absence of defined Pagination and when there are more number of shovel entries in the Admin > Services(Remote Log Collector) > Config > Local Collectors > Destinations, the log collector service takes more time to load the entries.|
|ASOC-119777||In the Live Content view, when you try to create or deploy any resource type (exceeding a certain size limit) such as Bundle, an error message Error retrieving live resources is displayed. As a result, the resources are not downloaded.|
After adding the custom metas in the Event Sources (Admin > Event Sources > Manage > Event Sources view > select an Event Source), when you download the .csv file, the latest updated time is not displayed in the asoc-es-elapsedTime column of the file. If the .csv file is downloaded without adding the custom metas, the asoc-es-elapsedTime column displays no results. When you add more Event Sources to the same IP and download the .csv file, the latest updated time is not displayed in the asoc-es-elapsedTime column.
|ASOC-121412||NetWitness Endpoint agents in version 11.7 use all the CPU and memory while detecting suspicious threads on Windows 10 and Windows Server 2019.|
|ASOC-119353||The file blocking feature of the Endpoint agent results in the failure of third party software installations even if the file - hashes related to the installer are not blocked.|
|ASOC-119007||Events related to final file rename (when downloaded from the browser) are not reported to endpoint-server as there is no change in the file - hash. As a result, the events are not captured in the Investigate > Events view.|
|ASOC-122093||When you try to load the Investigate > Events tab, an error message Unexpected error loading the list of Brokers, Concentrators, and other services to investigate. This may be due to a configuration or connectivity issue. Try refreshing the page. is displayed. As a result, the services cannot be investigated.|