Skip to main content
Version: Atlas v3.6

Atlas Platform Release Notes

The following table contains the Atlas Platform’s Version History. The Atlas Platform contains multiple components described here, each with their own versioning schema.

An overview of each Atlas Element's Versions can be found here. To view the version of Atlas in your environment, look at the header on the Atlas Core navigation bar.

Atlas Platform Version History

Atlas VersionRelease Date
Atlas V3.6.02023-08-14
Atlas V3.5.22023-08-02
Atlas V3.5.12023-07-21
Atlas V3.5.02023-06-15
Atlas V3.4.32023-05-09
Atlas V3.4.22023-04-26
Atlas V3.4.12023-04-21
Atlas V3.4.02023-04-19
Atlas V3.3.12023-03-29
Atlas V3.3.02023-02-28
Atlas V3.2.02023-01-13
Atlas V3.1.02022-10-31
Atlas V3.0.02022-07-29

Atlas Version 3.6.0

Atlas v3.6.0 introduces a new software licensing option to the Atlas Platform. Atlas will now support user based licenses that will allows only named Splunk users to use the Atlas elements in their environment. This may be an attractive option for Atlas customers who have a limited number of Splunk users that would need to use Atlas. User based licenses can be purchased in monthly or annual subscriptions and are available for purchase from the Atlas Online Store. Atlas Enterprise customers are not affected by this change and will be able to continue operating Atlas in their environment just like before. This licensing model introduces a new flexible method for how customers will consume Atlas while introducing new competitive pricing options. Along with this change, Atlas now has a new license configuration and user configuration interface for Splunk Admins built into the Atlas user interface.

Atlas 3.6.0 also introduces the first release of the Splunk Capacity and Performance Analytics element as well as new STIG Compliance features that will provide more reporting and monitoring capabilities. Overall there have been some usability updates that were introduced to help make accessing the help text more convenient across the entire platform.

  • User Based Licensing has been introduced to the Atlas suite. Customers can now subscribe to Atlas using a user based licensing model. Atlas user based licenses can be purchased through an online store on the Kinney Group website.

  • Atlas Core has a brand new Licensing Configuration dashboard that displays license information about their environment and the status of a user's ability to use Atlas. Splunk admins can also use the new User Configuration dashboard to assign users to Atlas. The license key management page has been moved to a modal that is restricted to Splunk admin users.

  • STIG Compliance has two new reporting dashboards, POA&M Helper and Vulnerability Changes Report which provide convenient reporting for end users that need to get to their data faster. POA&M Helper leverages NIST-800 53-a control data to help link STIG vulnerability data directly to notable controls. Vulnerability Changes Report allows users to see which STIG vulnerabilities have changed over a specified period of time so that they can quickly find changes to compliance in their environment.

Atlas Core V3.0.0

  • Platform version label updated.
  • License Configuration dashboard updated to manage the new licensing models.
  • User Configuration dashboard created to enable admins to assign Atlas access to specific Splunk accounts on User Based Licenses.
  • Fixed an issue so that custom logos will now properly revert back to the correctly configured default icon.

App Awareness V1.1.5

  • Help text updated for readability and accuracy.

Data Management V1.4.2

  • Help text updated for readability and accuracy.

Data Utilization V1.3.3

  • Exporting data now properly displays the data without errors or formatting issues.
  • Data Utilization now consistently captures data used on Splunk federated search heads.

Forwarder Awareness V2.1.9

  • Fixed issues with federated search head deployments.
  • Fixed issues with using Server Class for automatically creating Forwarder Groups.

Scheduling Assistant V1.5.4

  • Searches on the Investigation Table now are sorted by skip counts to prioritize worst searches on top.

Scheduling Inspectors V1.1.8

  • Help text updated for readability and accuracy.

Search Library V1.2.2

  • Help text updated for readability and accuracy.

STIG Compliance V1.9.0

  • Vulnerability Changes Report created to identify changes in status of vulnerabilities across the selected time range. Users can use this report to find which vulnerabilities have recently shifted to Open, or other statuses.
  • POA&M Helper added to enable cross-referencing and exporting NIST 800-53a Control IDs that correspond to specific vulnerabilities found in CKL data. Security managers can use this report to identify what controls may be notable based on Open or Not Reviewed STIG Vulnerabilities.

Splunk Performance and Capacity Analytics V1.0.0

  • Official release of v1.0.0

Atlas Version 3.5.2

Atlas V3.5.2 contains fixes for Forwarder Awareness and Splunk Performance and Capacity Analytics.

Atlas Core V2.2.4

  • Platform version label updated.

Forwarder Awareness V2.1.8

  • Forwarder Awareness now properly handles Server Classes when creating and maintaining Forwarder Groups.

Splunk Performance and Capacity Analytics v0.3 Beta

  • PCA no longer comes prepackaged with enabled scheduled searches that are not utilized.

Atlas Version 3.5.1

Atlas V3.5.1 contains fixes for the Scheduling Assistant and STIG Compliance Atlas Elements.

Atlas Core V2.2.3

  • Platform version label updated.

STIG Compliance V1.8.1

  • STIG vulnerabilities that are locked, now report properly in pie charts on the System Overview and System Compliance dashboards.
  • Updating vulnerabilities using the STIG Compliance user interface will now be reflected in the change history correctly.
  • Splunk users without proper write credentials cannot visualize or interact with the Update Vulnerability modal on STIG Compliance dashboard.

Scheduling Assistant V1.5.3

  • The Atlas Skipped Search Self Service Alert email now properly links back to Scheduling Assistant with correct context utilizing new macro.

Splunk Performance and Capacity Analytics v0.2 Beta

  • Fixed issue where Heavy Forwarders were not appearing under the Support Tier.
  • Fixed issue with duplicated results in System Overview table.
  • Fixed configuration issue where multiple pages on Configuration dashboard caused resetting views when selecting roles for servers.

Atlas Version 3.5.0

Atlas V3.5.0 introduces a brand new foundations element to the Atlas platform. The Splunk Capacity & Performance Analytics element will help Splunk Admins monitor the health of their Splunk environment in one place. STIG Compliance has been enhanced with many usability improvements and has a new workflow that allows you to update the status of vulnerabilities directly from the STIG Viewer dashboard. Additionally, permission handling has been improved across the entire platform to ensure a better user experience.

  • STIG Compliance has been enhanced with an improved STIG Viewer dashboard. The information presented has been modified to present in a more concise manner, and a new Update Vulnerability Status workflow has been integrated into the dashboard, preventing the need to migrate away to another screen to update the status of a vulnerability. These new improvements will bring a familiar STIG viewing experience and help you to find the information you need much quicker on the screen.

  • Splunk Performance and Capacity Analytics [BETA] has been launched with its System Resources monitoring capabilities. This element provides you with a quick way to view the health of your Splunk Enterprise infrastructure and will help you identify any immediate issues that should be looked at. This element was designed by a Splunk Admin for Splunk Admins to eliminate the need to scour the Splunk monitoring console for critical health information and bring all of the information you need into one view. This element was designed to be used everyday by Splunk Admins and help them identify issues quickly when they occur.

Atlas Core V2.2.2

  • When creating a tile on Atlas Core home page, selecting an App is now required
  • Atlas Audit now sorts by latest events instead of earliest
  • Section headers Atlas wide are modified to be thinner to increase usability

Data Utilization V1.3.2

  • A warning notification has been added to inform users if they have insufficient permissions to utilize the dashboards in this element
  • Splunk users without proper capabilities will no longer be able to interact with the configuration settings in this element

Scheduling Assistant V1.5.2

  • Scheduling Assistant dashboard now logs KPIs to the audit index on page load
  • Atlas will now log KPIs correctly to the audit index after the selected Splunk target has changed

Scheduling Inspector V1.1.7

  • Atlas will now log KPIs correctly to the audit index after the selected Splunk target has changed

Splunk Performance and Capacity Analytics V0.1 Beta

  • Beta release of the Splunk Performance and Capacity Analytics element
  • Track Splunk resources on System Resources dashboard to quickly identify problematic trends and status of the Splunk environment
  • Identify and select roles for Splunk instances on an easy to use System Resources dashboard

STIG Compliance V1.8.0

  • New Update Vulnerability modal added to STIG Viewer dashboard that enables users to quickly update a single vulnerability
  • STIG Viewer dashboard updated with new target information design
  • Splunk users without proper capabilities will no longer be able to interact with the Edit Checklists dashboard
  • Filters on Edit Checklists dashboard now properly show targets with selected checklists as options

STIG TA V1.3.2

  • Prevent fields with empty values from being indexed

Atlas Version 3.4.3

Atlas V3.4.3 contains fixes for Federated Search Head deployments, in particular for Forwarder Awareness, Data Utilization, and Monitor. V3.4.3 also contains latest updates to the STIG Library from DISA.

Atlas Core V2.2.1

  • Resolved Federated Search Head deployment issues with Atlas Custom Search 'QueueSearches'. This previously caused Monitor and Data Utilization on Federated Search Head deployments paired with Splunk Cloud to raise erroneous errors.

Forwarder Awareness V2.1.7

  • Updated Forwarder Awareness searches to function with the current state of the Federated Search Head deployment to Splunk Cloud, re-enabling previously broken features such as Forwarder Status and alerting.
  • Forwarder Awareness now updates status of Splunk Forwarders on the 8th minute of every hour instead of the 0th. This will reduce possible concurrency issues in the environment.

STIG Compliance V1.7.2

  • Updated imbedded STIG Library with latest May update from DISA.

Atlas Version 3.4.2

Atlas V3.4.2 contains fixes for Search Library.

Search Library V1.2.1

  • Resolved issues found on Search Library and Pending Searches dashboards where custom searches created before V1.2.0 would not appear. Previously created custom searches will now appear on Search Library.

Atlas Version 3.4.1

Atlas V3.4.1 contains issue resolutions for Atlas Scheduling Assistant.

Scheduling Assistant V1.5.1

  • Resolved issues on the Scheduling Assistant dashboard where skipped searches were not being shown on the Skipped Ratio triage filters and the Skip Count & Skip Ratio columns of the Investigate Searches table.
  • Resolved issues on Scheduling Assistant dashboard where the triage filters were not capturing searches falling between the high and moderate thresholds.

Atlas Version 3.4

Atlas V3.4 introduces powerful new user workflows to Scheduling Assistant and Search Library while bringing numerous visual improvements and increased permission handling across the entire platform. Atlas users across the administrator, power user, and user roles will notice improved usability and performance throughout the entire platform. Users that do not have permissions to perform an action in Atlas are no longer presented with the option when using the platform.

Throughout the platform there have been many usability improvements and enhancements implemented that promise to improve the overall user experience. Many of the improvements implemented in this release were driven by Atlas customer requests and suggestions. Users will notice improved usability for all Atlas deployment scenarios.

  • Scheduling Assistant has been enhanced with an 'Acknowledge Search' feature that will allow users to mark scheduled searches as 'Acknowledged'. Acknowledged searches will be excluded from the Atlas scheduled search analysis, enabling users to focus on the searches that matter to them while they improve their Splunk scheduler health. Scheduling Assistant will now allow users to disable a scheduled search directly from the Atlas interface if you have permissions to do so. Usability improvements were also made to better assist users with invalid inputs when previewing search scheduling changes. Skipped search monitors now show any skips that have occurred in a specific time frame regardless of the number of times it skipped so that users can easily identify all skips that have occurred.

  • Search Library has a new workflow that allows searches to go into a 'Pending' state so that they can be reviewed before being published to the library. Searches created by non-administrative users will be directed to a Pending Searches dashboard, where Splunk administrators can promote these searches after they have been reviewed. Administrators can configure Scheduling Assistant to bypass the 'Pending Searches' workflow if they do not want to utilize it. New searches have been added to the Atlas Search Library that can be used to effectively troubleshoot any Splunk environment.

Search Library Custom Searches Known Issue

Custom searches created before Atlas V3.4 (Search Library V1.2.0) will not appear on any dashboard until Atlas V3.4.2 is installed. Reach out to Expertise on Demand for further assistance if needed.

Atlas Core V2.2.0

  • Atlas users who do not have Splunk permissions to view an app will no longer see the tile on Atlas Core
  • Non-admin users can no longer edit or view the Atlas license key
  • Action icons in tables are now smaller, reducing row height required to display data in larges tables
  • Action icons directing Users to other Atlas interfaces now have a unique hooked arrow icon to distinguish it from straight arrows that leave Atlas
  • Review the new Atlas Permissions and Capability Matrix to configure your Splunk environment to ensure that your users have the correct Splunk permissions and capabilities that are recommended for optimal Atlas usage

App Awareness V1.1.4

  • Fixes implemented to ensure that all user activity is accounted for when calculating App usage
  • KPI descriptions have been updated to be more clear about the data that is being displayed
  • Table names have been updated when viewing details about a specific application

Data Management 1.4.1

  • Splunk users are now directed to the Data Request dashboard if they lack capabilities to use Data Inventory dashboard so that they do not land on a page that they cannot see

Data Utilization 1.3.1

  • Updated logic to ensure that Data Utilization captures activity from Splunk Dashboard Studio 2.0 dashboards
  • Changed default table sort to show highest data ingest and lowest usage first

Forwarder Awareness V2.1.6

  • Updated the element so that it does not trigger Splunk warnings for MAP command on Splunk 9.0.4
  • Changed time formatting to better enable sorting of missing forwarders

Monitor V1.1.0

  • Splunk power users and Splunk users can now view Monitor's dashboards and see Data Watch telemetry
  • Element configuration page was updated for increased accuracy in distributed Splunk environments

Scheduling Assistant V1.5.0

  • Introduces the acknowledged search feature so that searches marked as acknowledged are not counted in investigation table KPIs, but are still present in the Scheduler Performance History chart
  • Skip Counts added to the investigation table so Atlas users can find and sort searches by raw skip count
  • Skip Ratio moderate KPI threshold reduced from above 2.5% to 0% skip rate
  • Invalid cron schedules now raise an alert to inform the user that they have entered invalid data
  • If the user provides data that is mismatched between the entered cron schedule and the inputted time range, a notification will now appear directing the user to correct the issue before a reschedule impact can be shown
  • When Atlas is deployed in "Search Peer deployment", users will no longer see the Disable Search button because that function does not work in that architecture
  • The Launch Search button now goes to the Splunk Search window instead of Splunk's report view
  • Updated the element so that it does not trigger Splunk warnings for MAP command on Splunk 9.0.4
  • Scheduler Information dashboard has been updated to not use an alert color scheme as that was not appropriate for the information displayed

Scheduling Inspector V1.1.6

  • The Launch Search button now goes to the Splunk Search window instead of Splunk's report view
  • On Search Peer deployments, users will no longer see Fix Search button as that does not work in that architecture

Search Library V1.2.0

  • 10 new Search Library searches added in the 'Troubleshooting' category that can be used to help identify common Splunk issues
  • Search Library searches created by Splunk Power Users are now sent to the Pending Searches queue and must be approved by a Splunk administrator so that everyone can see it
  • A new Splunk Macro called 'atlas_custom_search_default_status' was added that can be modified by a Splunk administrator to turn off the Pending searches workflow capability

STIG Compliance V1.7.1

  • Splunk Users and Power Users are notified if they lack proper Splunk Capabilities and Permissions to update a vulnerability

Atlas Version 3.3.1

Atlas V3.3.1 contains fixes for App Awareness and Scheduling Assistant.

Atlas Core V2.1.3

  • Resolved an issue with Splunk deployers being included in resource calculations and as a possible option in Search Head instance dropdown on Scheduling Assistant

App Awareness V1.1.3

  • Redesigned KPIs for increased accuracy by deprecating 'Total Users' KPI and instead identifying enabled and disabled Splunk app counts
  • Resolved Splunk app and dashboard utilization not tracking for React-based dashboards on Splunk 9.0.4

Atlas Version 3.3.0

Atlas V3.3 brings significant enhancements to the Data Utilization, Scheduling Assistant, and STIG Compliance Elements.

  • Data Utilization has been optimized to to increase stability and improve performance in most Splunk environments. With the previous version, in some Splunk environments, this Element did not perform as expected. The new version requires additional configuration steps that must be completed prior to use. A Configuration validation page has been added to simplify the setup of the Element to help you get Data Utilization up and running quickly. Expertise on Demand is available to help you upgrade this Element if you encounter any issues.

  • Scheduling Assistant has been redesigned to address performance issues and will perform better now in most Splunk environments. The most significant change to Scheduling Assistant is that scheduled search triage is easier than ever before using the new user interface. Users can quickly find the problematic searches in their environment because Scheduling Assistant will automatically identify them for you. The search schedule modeling and automated search updates are still available but have been optimized to help you find better search windows faster and easier. You can also now see the SPL of the search along with the associated performance metrics.

  • STIG Compliance has been enhanced to bring massive speed improvements throughout the entire Element. These performance increases should be noticeable on most user interfaces when loading data and visualizations. These performance improvements impact how the state data is stored in Splunk so there is an extra step required to perform an upgrade between older versions and the new version. Be sure to reach out to the Expertise on Demand team to get assistance with the upgrade procedures.

Atlas Core V2.1.2

  • Updated internal Atlas icon library to support new features in other Atlas Elements
  • Fixed issues related to Atlas Audit not properly capturing activity on Atlas Elements

App Awareness V1.1.2

  • Optimized supporting Splunk searches to improve overall performance and efficiency of the Element

Data Utilization V1.3.0

  • Data Utilization now leverages a summary index to improve search speed execution and store historical information. View this page to set up Data Utilization V1.3.0, or get help from Expertise on Demand
  • Data Utilization now has a configuration page to validate configuration settings and ensure the user has appropriate permissions to use all aspects of the Element
  • Added a 'Backfill' function to calculate and store historic data utilization metrics
  • Optimized supporting Splunk searches to improve overall performance and efficiency of the Element

Forwarder Awareness V2.1.5

  • Forwarder Awareness now functions consistently when there are more than 50 thousand Splunk Forwarders in the environment
  • Clicking a Forwarders Group tile no longer opens the Forwarder Report dashboard in a new page
  • Optimized supporting Splunk searches to improve overall performance and efficiency of the Element

Monitor V1.0.3

  • Custom Data Watches on Monitor no longer hit sub-search limits in large environments
  • Clicking a Monitor Group tile no longer opens the Monitor Report dashboard in a new page
  • Optimized supporting Splunk searches to improve overall performance and efficiency of the Element

Monitor TA V1.0.2

  • Moved index config file to default

Scheduling Assistant V1.4.0

  • Scheduling Assistant dashboard enhanced to reveal poor search performance and bad practice scheduled searches
  • Scheduling Assistant dashboard now shows historic scheduler performance
  • Buttons on Scheduling Assistant dashboard now enable viewing and running identified scheduled searches
  • Scheduling Assistant dashboard now showcases the SPL of selected scheduled searches
  • Scheduling Activity dashboard now has a modal for triggering Concurrency Investigations to reduce initial instance impact on load
  • Self Service email for fixing skipped searches enhanced with macros and more accurate language

Search Library V1.1.9

  • Optimized supporting Splunk searches to improve overall performance and efficiency of the Element

Splunk Migration Helper V1.0.4

  • Optimized underlying Splunk searches to improve overall performance and efficiency of the Element

STIG Compliance V1.7.0

warning

Upgrading STIG Compliance to version 1.7.0 from any older version requires additional steps to be taken before the upgrade process. Please reach out to your Expertise on Demand representative for assistance with this upgrade.

  • Implemented a new data storage scheme for state data to improve the overall performance of the Element
  • Comments and Finding Details now properly load in the Checklist Browser on the STIG Viewer dashboard
  • Clicking a System Tile no longer opens the System Compliance dashboard in a new page
  • STIG Compliance Configuration dashboard enable Admins to select what metric index they are utilizing

STIG TA V1.3.1

  • Improvements to Powershell script for Windows to address identified issues

Atlas Version 3.2

Atlas Core V2.1.1

  • Atlas Section banners on Atlas Core and Atlas Audit reduced in thickness
  • Edit Tile icon updated Atlas wide (seen on Forwarder Awareness, Monitor, STIG Compliance)
  • Atlas Audit dashboard time filter realigned to left side of dashboard

Data Management V1.4.0

  • Data Ownership Report created for showing ingest by ownership assigned in Data Inventory
  • Data Inventory shows owners and business units on the table without row expansion
  • Previous Data Watch functionality replaced by Atlas Monitor
  • Data Inventory now shows if a dataset has a corresponding Data Watch in Monitor
  • Fixed issue related to Source Type filtering on Index view showing numbers instead of sourcetypes

Monitor V1.0.2

  • Changed permissions for Data Management integration feature

Search Library V1.1.8

  • Fixed root path issues to ensure apps functions with any URL root prefix

Splunk Migration Helper V1.0.3

  • Fixed root path issues to ensure apps functions with any URL root prefix Fixed issues with app icon not populating in certain environments

STIG Compliance V1.6.0

  • Element now correctly exports large amounts of data on Export Data and Export Checklist dashboards
  • STIG Compliance can now ingest, report, and update checklists that utilize Sites and Instances. To integrate previous data that utilized Sites and Databases, follow these steps
  • Tables now correctly handle special characters
  • STIG Viewer dashboard no longer auto-selects the first Target in the list
  • Applying a Checklist on STIG Library to a pre-existing checklist on a target no longer updates all vulnerabilities to Not A Finding
  • Fixed issue related to STIG Compliance losing context when navigating to Update Vulnerability dashboard from STIG Viewer dashboard
  • Fixed Export Data page showing incorrect rule_status for vulnerabilities
  • Fixed issue related to updating a vulnerability with a SCAP result would sometimes dissociate the SCAP results from the vulnerability

Atlas Version 3.1

Atlas Core V2.1.0

  • Users can now add a custom logo to Atlas Core
  • New License warning banner
  • EULA will appear on every license apply

Data Management V1.3.10

  • Data Inventory ingest size labels now match content

Data Utilization V1.2.3

  • Updated logic for capturing utilization in more environments

Forwarder Awareness V2.1.4

  • New icon for Forwarder Alert Disabled to increase visibility
  • Fixed Source Type search on Forwarder Awareness Report dashboard

Monitor V1.0.1

  • Fixed Empty Latest/Earliest columns on Monitor Report dashboard
  • Fixed time charts on Monitor Report only containing one event
  • Fixed issues that occurred on creating Data Watches on empty data streams
  • Additional logical fixes to increase Monitor stability

Monitor TA V1.0.1

  • Created to define Metric Index on the Index Layer

Scheduling Assistant V1.3.8

  • Empty panels hidden on Scheduling Assistant dashboard

Scheduling Inspector V1.1.5

  • Fixed broken token logic

Search Library V1.1.7

  • Fixed line breaks on Search Activity dashboard

Splunk Migration Helper V1.0.2

  • Fixed Utilization logic to capture more environments

STIG Compliance V1.5.0

  • User can now add custom checklists not included in the STIG Library
  • Data no longer ages out for health scores & statuses
  • Vulnerability Statuses can be locked in to prevent overwrites by more recent data
  • Additional Row Expansions added to tables on STIG Compliance Overview dashboard
  • Speed improvements on dashboards
  • STIG Viewer dashboard now focuses on a single Target at a time
  • Ability to rename Systems after they are created
  • STIG Library Version now displayed on STIG Library dashboard
  • Vulnerability Categories now display on STIG Library dashboard
  • Additional bug fixes

STIG TA V1.3.0

  • Additional ingest edge cases accounted for

Atlas Version 3.0.0

Atlas Core V2.0.0

  • Implemented a new Atlas Core App which introduced a new user experience
  • Create your own Splunk Home Page

App Awareness V1.1.1

  • Logging improvements

Data Management V1.3.9

  • Logging improvements
  • Bug fixes on modals

Data Utilization V1.2.2

  • Splunk 9 compatibility updates
  • Filter to search data sets in utilization report
  • Logging improvements

ES Helper V1.2.5

  • Logging improvements

Forwarder Awareness V2.1.3

  • Added Silence Alarm capability on a per Forwarder basis
  • Fixed visualization titles not appearing
  • Forwarder Awareness logic improvements
  • Logging improvements
  • CSS update to match Atlas Core

Monitor V1.0.0

Scheduling Assistant V1.3.7

  • Works with Federated Search Heads
  • Logging improvements

Scheduling Inspector V1.1.4

  • Works with Federated Search Heads
  • Logging improvements

Search Library V1.1.6

  • Fixed SPL of certain searches
  • Splunk 9 compatibility updates
  • Logging improvements

Splunk Migration Helper V1.0.1

  • Works with Federated Search Heads
  • Splunk 9 compatibility updates
  • Logging improvements
  • KPI logic and label improvements

STIG Compliance V1.4.3

  • Formatting improvements

STIG TA V1.2.1

  • Exception handling improved to prevent host overwriting

SCAP TA V1.2.1

  • Edge case covered for host labeling
  • Added "Index=" to configuration file template