Product Documentation
Abstract
A list of issues fixed in IBM Security QRadar SIEM V7.2.4.
Content
Number | Description |
---|
IV46355 | Rapid7 NeXpose scanner displays an error when the site name pattern field contains an ampersand (&) character |
IV46461 | The test field in the custom properties window might not display special characters as intended |
IV47857 | No notification that events are dropped by a routing rule |
IV50577 | The license details screen may show license details for another host in the deployment |
IV50730 | Backup archives fail to generate due to a missing RPM dependency caused by automatic updates |
IV54191 | Asset search with OS information is slow |
IV54564 | User profiles with only access to reports will throw a 404 error when accessing reports in IE |
IV54606 | After an upgrade to QRadar 7.2 MR1 patch 1, a log source extension might display invalid character symbols |
IV54655 | Deploys may fail when an encrypted connection exists for an unassigned component |
IV54675 | Dashboard time series graphs for event rates (EPS) might display a decrease in an event rate where none exists |
IV54720 | Managed hosts with an HA secondary might experience a Postgres RPM or diskmaint error after a hostservices restart |
IV54734 | Rule responses that send an offense summary email notification might include an unresolvable address in the URL |
IV59270 | Risk score filter not filtering - returning all assets |
IV59284 | Network hierarchy tree shows "undefined" when network group has depth greater than 9 levels |
IV59345 | Improperly formatted system events are being picked up by the CRE log source |
IV60520 | Offense rule condition "log source type(s) that detected the offense" does not fire due to log source mismatch |
IV60570 | Non-admin users unable to view full rule details |
IV60575 | Notification QID value is incorrect |
IV60576 | Improve CRE performance against ports and large database tables |
IV60644 | Excessive SIM audit events for HA SSH activity |
IV60760 | Routing rules filter returning unexpected results |
IV60765 | Filtering payload by regex ending with "\ " interferes with the log activity view |
IV61200 | Sorting in asset details - user list does not work |
IV61255 | QRadar shows a timestamp for 'last seen passive' even if all flow sources are disabled |
IV61260 | Rule test to not create offense if 2 rules are matched is creating an offense |
IV61456 | Column sorting not sorting in the log source window |
IV61687 | Rule information is missing from the audit log when rules are modified |
IV62203 | Manual carriage returns used in the text field of an offense note cause incomplete note output in the audit logs |
IV62349 | WinCollect log source display sorting returns no results in 7.1.0 |
IV62439 | UI problem in Firefox 30 - unable to select level on source network group |
IV62441 | Asset table export shows 0.0.0.0 for the IP at times when the GUI displays a real IP |
IV62476 | Vulnerability details not shown for non-admin user |
IV63048 | Memory leak in bandwidth manager |
IV63122 | When sharing a saved search, 'include in my dashboard' is selected by default and should not be |
IV63346 | Having an equal sign "=" in a rule name can cause events to be dropped and other event pipeline failures |
IV63375 | Large increase in events generated by the system notification log source |
IV63416 | Grouped event searches containing numeric custom properties may return incorrect sum calculations |
IV63452 | When an HA failover occurs, additional bonded interfaces will be removed |
IV63457 | Active directory login fails when trying to authenticate to the API |
IV63462 | PDF report filenames with chinese characters that are mailed do not retain correct chinese characters in the attachment name |
IV63610 | The 'wrap text' check box does not work when selected for viewing Cisco IDS event payloads |
IV63733 | Tunnelrdate warning messages generated even when not using encryption between console and managed host |
IV63742 | 'BB:CategoryDefinition: countries/regions with no remote access' contains an incorrect location name |
IV63743 | Selecting a language option other than english for QRadar Log Manager does not work |
IV63792 | The destination IP sourceport is appended to the destination IP when querying type-b superflows |
IV63798 | Network activity search right click filter options for an application is or is not 'other' does not return correct results |
IV63799 | Change in locale settings from english to any other language causes no data results from flow data application searches |
IV64011 | The number of data variables in an offense CRE SNMP trap does not match that of the associated QRadar file |
IV64141 | QRadar patch may fail or complete but with errors that reference 722_patch_58912.install |
IV64252 | Reference map of maps does not work as described in the QRadar Admin Guide documentation |
IV64738 | QFlow process stops and then fails to start |
IV64977 | Log activity advanced search that specifies using 'logsourcegroupname' only returns results from the group 'other' |
IV65081 | Multiple vulnerabilities in IBM QRadar SIEM (cve-2014-0075, cve-2014-0096, cve-2014-0119) |
IV65711 | Multiple vulnerabilities in IBM QRadar SIEM (cve-2014-3508, cve-2014-3511) |
IV66371 | Rules no longer firing after a reference set is found to be empty or does not exist |
IV66785 | The partition /store/ariel/persistent_data is not monitored by disk sentinel |
IV66787 | No flow information is displayed when using non-english locale in some instances |
IV66874 | The 'admin' tab, 'remote networks and services configuration' page does not load correctly in the QRadar UI |
[{"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Not Applicable","Platform":[{"code":"PF016","label":"Linux"}],"Version":"7.2","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
17 June 2018
UID
swg27043803