Skip to main content
Version: Atlas v3.10

Atlas Platform Release Notes

The following table contains the Atlas version release history. The Atlas Platform contains multiple components described here, each with their own versioning schema.

An overview of each Atlas Element version can be found here. To view the version of Atlas that you have installed in your environment, look at the for the version id in the footer.

Atlas Platform Version History

Atlas VersionRelease Date
Atlas 3.10.12024-03-18
Atlas 3.10.02024-03-11
Atlas 3.9.22024-02-20
Atlas 3.9.12024-02-06
Atlas 3.9.02024-01-24
Atlas 3.8.12023-11-13
Atlas 3.8.02023-10-16
Atlas 3.7.02023-10-05
Atlas 3.6.02023-08-14
Atlas 3.5.22023-08-02
Atlas 3.5.12023-07-21
Atlas 3.5.02023-06-15
Atlas 3.4.32023-05-09
Atlas 3.4.22023-04-26
Atlas 3.4.12023-04-21
Atlas 3.4.02023-04-19
Atlas 3.3.12023-03-29
Atlas 3.3.02023-02-28
Atlas 3.2.02023-01-13
Atlas 3.1.02022-10-31
Atlas 3.0.02022-07-29

Atlas Version 3.10.1

Atlas v3.10.1 includes updates to STIG Compliance to remove issues with ingesting new CKLB files produced from STIG Viewer V3. This is a recommended update for anyone using STIG Compliance.

Atlas Version 3.10.0

Atlas v3.10.0 includes some significant updates to many elements within the platform. Many of these changes came through customer requests and feedback. These changes are aimed at increasing the usability of many critical Atlas capabilities that improve and optimize the user experience.

  • Forwarder Awareness has undergone significant user interface optimizations to enhance usability. Key updates include the addition of summary Key Performance Indicators (KPIs) at the top of the Forwarder Awareness Report screen, ensuring immediate access to crucial information. Notably, the missing forwarder summary is now prominently displayed at the page's top, allowing for quick filtering of missing forwarders. A "Status" indicator has been introduced in the forwarders table for easy visual identification of a forwarder's current status. Additionally, telemetry visualizations have been repositioned into row expansions, enabling users to analyze data by forwarder as needed, rather than loading visualizations at the bottom of the page. These changes, part of a comprehensive page redesign, aim to improve overall usability and provide users with efficient access to essential information regarding forwarder health status.

  • Monitor now enables you to select a target Splunk Server (indexer) when creating a Data Watch. The addition of a new Splunk Server field in your data watch configuration allows for monitoring data directed to a specific server. Furthermore, a new feature permits the specification of the metrics index in your environment, supporting the capabilities of the Monitor element. This enhancement offers Splunk administrators the flexibility to tailor their environment's configuration. To access this feature, click on 'Configuration' at the top of the page. Modifications to the Create Data Watch modal have optimized the display of help text, ensuring the modal remains within the size constraints of most screens. This adjustment enhances the usability of the Create Data Watch modal.

  • STIG Compliance now supports the new 3 file format produced by STIG Viewer 3. The new .cklb file format is now supported by the Atlas components that help to ingest the data into Splunk. Checklist and SCAP file parsing is also supported on environments that use python or powershell. Data from STIG Viewer 3 checklists will display in STIG Compliance just like STIG Viewer 2 checklists. The Data Collection report has been enhanced to ensure that it can support the STIG Viewer 3 checklist files as well.

  • Atlas Assessment has been updated to show a new set of summary tiles at the top of the Assessment Checks page. These help users to quickly assess the outcome of an assessment so that they can quickly find the categories and checks that should be evaluated by the user first. Additionally, more checks have been added to the assessment process to increase the coverage of items covered by the assessment. The assessment results table now has row expansions which allows the user to see more detailed information about the check and its results. The row expansion shows a detailed description of the check along with a historical view of the assessment checks. Finally, a new capability has been added to the assessment that will collect some basic details of your Splunk environment and and display this information. This is useful for when you want to capture simple data points about your environment without having to navigate through multiple screens within Splunk. Atlas Assessment is available for free on Splunkbase.

  • Search Library has had some new searches added to the library. The new searches that have been added are address common use cases and are useful searches that can be used in almost any Splunk environment. These searches are also featured on many of the blog posts found on the Kinney Group website.

Atlas Core V3.2.2

  • Packages Atlas platform with latest Atlas Assessment.
  • Product version information updates.

Atlas Assessment V2.3.0

  • New summary tiles added at top of Assessment Checks page for quick assessment outcome overview.
  • More checks added to increase coverage of items assessed.
  • New features include row expansions in results table with detailed check information and history.
  • Added the capability to collect and display basic Splunk environment details.

Forwarder Awareness V2.2.0

  • User interface optimizations made to Forwarder Awareness for enhanced usability.
  • Addition of summary Key Performance Indicators (KPIs) at top for quick access to crucial information.
  • Missing forwarder summary now prominently displayed at top for easy filtering.
  • "Status" indicator introduced in forwarders table for easy visual identification of forwarder status.
  • Telemetry visualizations repositioned into row expansions for analyzing data by forwarder as needed.

Monitor V1.2.0

  • Now allows selecting a target Splunk Server (indexer) when creating a Data Watch.
  • New feature permits specifying the metrics index for the Monitor element.
  • Create Data Watch modal optimized with better help text display for improved usability.

Search Library V1.4.0

  • The new searches address common use cases and are useful across Splunk environments.
  • These new searches are also featured in blog posts on the Kinney Group website.

STIG Compliance V1.11.0

  • STIG Compliance now supports the new checklist file format (.cklb) produced by STIG Viewer 3.
  • Atlas technical components updated to ingest data from the new .cklb file format into Splunk for both Python and PowerShell enabled systems.
  • Data Collection report enhanced to support STIG Viewer 3 checklist files.

Atlas STIG TA V1.5.0

  • Now supports Powershell and Python based environments when parsing STIG Viewer 2 and 3 based files.

Atlas TA Monitor

  • This Atlas component has been deprecated in this release because it is no longer needed.

Atlas Version 3.9.2

Atlas v3.9.2 includes updates to Atlas Core, Monitor, and Splunk Performance and Capacity Elements to remove dependencies issues if the entire Atlas platform was not installed. It also resolves encoding issues found on Atlas Monitor released in 3.9.1.

Atlas Version 3.9.1

Atlas v3.9.1 includes an update to the STIG Library in the STIG Compliance element with the January 2024 DISA released STIG/SRG compilations from Cyber Exchange. This update replaces the existing STIG vulnerability references from the July November update. Upgrading Atlas to this version will update the STIG Compliance element and the associated STIG/SRG vulnerability definitions.

Atlas Version 3.9.0

Atlas v3.9.0 delivers significant updates with the introduction of Atlas Targets in Atlas Core, enhanced data ingest stability in STIG Compliance, and various bug fixes and file updates across the Atlas Platform. This version is focused on expanding capabilities and increasing the ease of managing data and configurations in complex environments.

  • Atlas Core now contains Atlas Target Configuration, a new feature that allows Splunk Admins to easily add and manage other Splunk environments from a dedicated configuration page, replacing the need for Search Peers. This feature, currently operational with the Scheduling Assistant [BETA] dashboard, is part of a broader integration plan to enhance functionality across the platform.
  • Scheduling Assistant upgraded to leverage Atlas Targets, the new Scheduling Assistant [BETA] dashboard now enables admins to modify search schedules in multiple remote Splunk environments. This enhancement is crucial for managing scheduler health across varied environments, while only being accessible only via Splunk Admin credentials.
  • STIG Compliance enhancements focused on robust data ingest stability. Improved error handling ensures that corrupt or poorly formatted checklists and SCAP scans do not interrupt the processing of valid data. Additionally, the introduction of a Powershell-based SCAP ingest script facilitates SCAP ingests in Windows environments, further broadening the applicability of this feature.

Atlas Core V3.2.0

  • Packages Atlas platform with latest Atlas Assessment.
  • Atlas Targets Configuration page added to increase functionality in dedicated environments.
  • Updated Atlas Version number and UI dependency library.
  • Added Atlas license information to element and scripts.

App Awareness V1.1.6

  • Added Atlas license information to element and scripts.

Data Management V1.4.4

  • Added Atlas license information to element and scripts.

Data Utilization V1.3.5

  • Added Atlas license information to element and scripts.

ES Helper V1.2.6

  • Added Atlas license information to element and scripts.

Forwarder Awareness V2.1.11

  • Resolved search boxes not filtering correctly on Forwarder Report dashboard.
  • Resolved inconsistencies with Forwarder Group dashboard Group multiselect behavior.
  • Added Atlas license information to element and scripts.

Monitor V1.1.3

  • Added Atlas license information to element and scripts.

Monitor TA V1.0.3

  • Added Atlas license information to element and scripts.

Scheduling Assistant V1.6.0

  • Scheduling Assistant [BETA] dashboard added under Advanced section on the Navigation bar. This dashboard requires Admin capabilities, and leverages Atlas Targets to enable interacting with other Splunk environments.
  • Updated KPI language on Scheduling Assistant dashboard.
  • Added Atlas license information to element and scripts.

Scheduling Inspector V1.1.10

  • Added Atlas license information to element and scripts.

Search Library V1.3.1

  • Added Atlas license information to element and scripts.

Splunk Performance & Capacity Analytics V1.1.0

  • System Resource dashboard on element now contains a Time Picker and Host Selector to better enable usability in large environments.
  • Added Atlas license information to element and scripts.

Splunk Migration Helper V1.0.6

  • Element user interface now functions with latest Splunk V9.1.x versions without configuration changes required.

STIG Compliance V1.10.2

  • System and Target health scores now correctly interpret STIG Checklists that lack vulnerabilities in a category as 0. This change may lower overall health scores of targets with incomplete checklists moving forward.
  • Fixed System filter on Export Checklist dashboard so it properly filters results.
  • Added Atlas license information to element and scripts.

STIG TA V1.4.0

  • Corrupted checklists no longer stop other files from being ingested, and are now send to a subdirectory called 'failed'.
  • Enhanced logging of successes and failures on ingest.
  • Added Atlas license information to element and scripts.

SCAP TA V1.3.0

  • Powershell version of SCAP parser added to the Technical Add-on.
  • Corrupted checklists no longer stop other files from being ingested, and are now send to a subdirectory called 'failed'.
  • Enhanced logging of successes and failures on ingest.
  • Added Atlas license information to element and scripts.

Atlas Version 3.8.1

Atlas v3.8.1 includes an update to the STIG Library in the STIG Compliance element with the November 2023 DISA released STIG/SRG compilations from Cyber Exchange. This update replaces the existing STIG vulnerability references from the July 2023 update. Upgrading Atlas to this version will update the STIG Compliance element and the associated STIG/SRG vulnerability definitions.

Atlas Version 3.8.0

Atlas v3.8.0 introduces a new feature to the STIG Compliance element called Dynamic Systems. This feature allows targets to automatically be assigned to systems giving you even more real-time visibility into the STIG compliance health of your environment. This version of Atlas also introduces some optimizations to Atlas Monitor to improve the performance of Data Watches and resolves some known issues. If you are an Atlas STIG Compliance user you will definitely want to take a look at this version of Atlas because there are some powerful new features available.

  • STIG Compliance has been updated with pattern matching on the hostname for adding targets to system definitions. You can now use wild card strings to have STIG Compliance automatically assign targets to a user defined system based on the hostname. This eliminates the need to manually assign targets to systems and when new STIG checklists are added, they will automatically be assigned to the systems that meet those definitions. This feature allows system compliance health scores to automatically update when new targets are added to Splunk through data ingest. This feature includes the ability to create ignore lists as well so that patterns can be used to ensure that certain targets are not included in systems. With these new features you can create flexible rules for how you want to visualize the compliance of your environment. You can still update assign targets to systems like before which will take precedence over the wildcard definitions. A powerful target preview feature has been implemented on the System creation and modification modal that allows you to see targets that match system definition rules so that you can be sure you are creating the systems exactly how you want them before saving them.

Atlas Core V3.1.1

  • Updated Atlas Version number and UI dependency library.

Monitor V1.1.2

  • Optimizations were implemented that will improve the performance of Data Watches.

Scheduling Assistant V1.5.6

  • Element user interface now functions with latest Splunk V9.1.x versions without configuration changes required.

STIG Compliance V1.10.0

  • On System creation and edit, Atlas users can now assign targets to systems using text patterns against the hostname of the target. These patterns will apply automatically to any new targets ingested into Splunk.
  • On System creation and edit, Atlas users can now create ignore targets by using text patterns. These patterns will tell the system to ignore new targets that match the format so that they are not included in any system definitions.
  • Known issue was resolved in the Edit Vulnerability dashboard where incorrect data was displayed in on unchanged inputs.

Atlas Version 3.7.0

Atlas v3.7.0 introduces enhancements to Monitor and Search Library while updating the Atlas user interface to function with latest Splunk 9 versions without any configuration changes. V3.7.0 also resolves known issues and identified bugs on Monitor and STIG Compliance.

  • Splunk 9.1.x Version Support has been integrated into the Atlas Platform, this enables the Atlas user interface to function properly without making any configuration changes on the latest Splunk versions.

  • Monitor has been enhanced with a clear visualization on the Monitor Overview dashboard for which Monitor Groups have alerting enabled or disabled.

  • Search Library has been updated with management focused enhancements, including a prepackaged alert to notify individuals of new pending searches, search owner details now pre-populate with the current user, and search owner is now required on search creation.

Atlas Core V3.1.0

  • License warning banner now takes your license length into account
  • License expiration alerts on the user interface happen closer to the expiration dates for monthly Atlas licenses.
  • Element now functions with latest Splunk V9.1.x versions without configuration changes required.

Data Management V1.4.3

  • Element user interface now functions with latest Splunk V9.1.x versions without configuration changes required.

Data Utilization V1.3.4

  • Element user interface now functions with latest Splunk V9.1.x versions without configuration changes required.

Forwarder Awareness V2.1.10

  • Element user interface now functions with latest Splunk V9.1.x versions without configuration changes required.

Monitor V1.1.1

  • Element user interface now functions with latest Splunk V9.1.x versions without configuration changes required.
  • Monitor groups on Monitor Overview now have icons that reveal current monitoring status on the monitor group tile.
  • Issue resolved where Monitor Report dashboard would not load or would load information pertaining to the wrong Monitor Group.
  • Issue resolved where Monitor was failing to report correct event counts on high volume data sets.

Scheduling Assistant V1.5.5

  • Element user interface now functions with latest Splunk V9.1.x versions without configuration changes required.

Scheduling Inspector V1.1.9

  • Element user interface now functions with latest Splunk V9.1.x versions without configuration changes required.

Search Library V1.3.0

  • Element user interface now functions with latest Splunk V9.1.x versions without configuration changes required.
  • Owner and Owner Contact will now auto populate with the current user account's information on search creation.
  • Owner is now a required field during search creation.
  • Saved search created that can alert specific users about new pending searches.

Splunk Migration Helper V1.0.5

  • Element user interface now functions with latest Splunk V9.1.x versions without configuration changes required.

Splunk Performance & Capacity Analytics V1.0.1

  • Element user interface now functions with latest Splunk V9.1.x versions without configuration changes required.

STIG Compliance V1.9.1

  • Element user interface now functions with latest Splunk V9.1.x versions without configuration changes required.
  • Atlas STIG Compliance State Library Update added to remove any deprecated vulnerabilities.
  • Issue resolved where a CKL created from STIG Compliance wouldn't be accepted for ingest back into STIG Compliance.
  • Removed all '\' appearing on STIG Viewer and STIG Library dashboards.

Atlas Version 3.6.0

Atlas v3.6.0 introduces a new software licensing option to the Atlas Platform. Atlas will now support user based licenses that will allows only named Splunk users to use the Atlas elements in their environment. This may be an attractive option for Atlas customers who have a limited number of Splunk users that would need to use Atlas. User based licenses can be purchased in monthly or annual subscriptions and are available for purchase from the Atlas Online Store. Atlas Enterprise customers are not affected by this change and will be able to continue operating Atlas in their environment just like before. This licensing model introduces a new flexible method for how customers will consume Atlas while introducing new competitive pricing options. Along with this change, Atlas now has a new license configuration and user configuration interface for Splunk Admins built into the Atlas user interface.

Atlas 3.6.0 also introduces the first release of the Splunk Capacity and Performance Analytics element as well as new STIG Compliance features that will provide more reporting and monitoring capabilities. Overall there have been some usability updates that were introduced to help make accessing the help text more convenient across the entire platform.

  • User Based Licensing has been introduced to the Atlas suite. Customers can now subscribe to Atlas using a user based licensing model. Atlas user based licenses can be purchased through an online store on the Kinney Group website.

  • Atlas Core has a brand new Licensing Configuration dashboard that displays license information about their environment and the status of a user's ability to use Atlas. Splunk admins can also use the new User Configuration dashboard to assign users to Atlas. The license key management page has been moved to a modal that is restricted to Splunk admin users.

  • STIG Compliance has two new reporting dashboards, POA&M Helper and Vulnerability Changes Report which provide convenient reporting for end users that need to get to their data faster. POA&M Helper leverages NIST-800 53-a control data to help link STIG vulnerability data directly to notable controls. Vulnerability Changes Report allows users to see which STIG vulnerabilities have changed over a specified period of time so that they can quickly find changes to compliance in their environment.

Atlas Core V3.0.0

  • Platform version label updated.
  • License Configuration dashboard updated to manage the new licensing models.
  • User Configuration dashboard created to enable admins to assign Atlas access to specific Splunk accounts on User Based Licenses.
  • Fixed an issue so that custom logos will now properly revert back to the correctly configured default icon.

App Awareness V1.1.5

  • Help text updated for readability and accuracy.

Data Management V1.4.2

  • Help text updated for readability and accuracy.

Data Utilization V1.3.3

  • Exporting data now properly displays the data without errors or formatting issues.
  • Data Utilization now consistently captures data used on Splunk federated search heads.

Forwarder Awareness V2.1.9

  • Fixed issues with federated search head deployments.
  • Fixed issues with using Server Class for automatically creating Forwarder Groups.

Scheduling Assistant V1.5.4

  • Searches on the Investigation Table now are sorted by skip counts to prioritize worst searches on top.

Scheduling Inspectors V1.1.8

  • Help text updated for readability and accuracy.

Search Library V1.2.2

  • Help text updated for readability and accuracy.

STIG Compliance V1.9.0

  • Vulnerability Changes Report created to identify changes in status of vulnerabilities across the selected time range. Users can use this report to find which vulnerabilities have recently shifted to Open, or other statuses.
  • POA&M Helper added to enable cross-referencing and exporting NIST 800-53a Control IDs that correspond to specific vulnerabilities found in CKL data. Security managers can use this report to identify what controls may be notable based on Open or Not Reviewed STIG Vulnerabilities.

Splunk Performance & Capacity Analytics V1.0.0

  • Official release of v1.0.0

Atlas Version 3.5.2

Atlas V3.5.2 contains fixes for Forwarder Awareness and Splunk Performance and Capacity Analytics.

Atlas Core V2.2.4

  • Platform version label updated.

Forwarder Awareness V2.1.8

  • Forwarder Awareness now properly handles Server Classes when creating and maintaining Forwarder Groups.

Splunk Performance and Capacity Analytics v0.3 Beta

  • PCA no longer comes prepackaged with enabled scheduled searches that are not utilized.

Atlas Version 3.5.1

Atlas V3.5.1 contains fixes for the Scheduling Assistant and STIG Compliance Atlas Elements.

Atlas Core V2.2.3

  • Platform version label updated.

STIG Compliance V1.8.1

  • STIG vulnerabilities that are locked, now report properly in pie charts on the System Overview and System Compliance dashboards.
  • Updating vulnerabilities using the STIG Compliance user interface will now be reflected in the change history correctly.
  • Splunk users without proper write credentials cannot visualize or interact with the Update Vulnerability modal on STIG Compliance dashboard.

Scheduling Assistant V1.5.3

  • The Atlas Skipped Search Self Service Alert email now properly links back to Scheduling Assistant with correct context utilizing new macro.

Splunk Performance and Capacity Analytics v0.2 Beta

  • Fixed issue where Heavy Forwarders were not appearing under the Support Tier.
  • Fixed issue with duplicated results in System Overview table.
  • Fixed configuration issue where multiple pages on Configuration dashboard caused resetting views when selecting roles for servers.

Atlas Version 3.5.0

Atlas V3.5.0 introduces a brand new foundations element to the Atlas platform. The Splunk Capacity & Performance Analytics element will help Splunk Admins monitor the health of their Splunk environment in one place. STIG Compliance has been enhanced with many usability improvements and has a new workflow that allows you to update the status of vulnerabilities directly from the STIG Viewer dashboard. Additionally, permission handling has been improved across the entire platform to ensure a better user experience.

  • STIG Compliance has been enhanced with an improved STIG Viewer dashboard. The information presented has been modified to present in a more concise manner, and a new Update Vulnerability Status workflow has been integrated into the dashboard, preventing the need to migrate away to another screen to update the status of a vulnerability. These new improvements will bring a familiar STIG viewing experience and help you to find the information you need much quicker on the screen.

  • Splunk Performance and Capacity Analytics [BETA] has been launched with its System Resources monitoring capabilities. This element provides you with a quick way to view the health of your Splunk Enterprise infrastructure and will help you identify any immediate issues that should be looked at. This element was designed by a Splunk Admin for Splunk Admins to eliminate the need to scour the Splunk monitoring console for critical health information and bring all of the information you need into one view. This element was designed to be used everyday by Splunk Admins and help them identify issues quickly when they occur.

Atlas Core V2.2.2

  • When creating a tile on Atlas Core home page, selecting an App is now required
  • Atlas Audit now sorts by latest events instead of earliest
  • Section headers Atlas wide are modified to be thinner to increase usability

Data Utilization V1.3.2

  • A warning notification has been added to inform users if they have insufficient permissions to utilize the dashboards in this element
  • Splunk users without proper capabilities will no longer be able to interact with the configuration settings in this element

Scheduling Assistant V1.5.2

  • Scheduling Assistant dashboard now logs KPIs to the audit index on page load
  • Atlas will now log KPIs correctly to the audit index after the selected Splunk target has changed

Scheduling Inspector V1.1.7

  • Atlas will now log KPIs correctly to the audit index after the selected Splunk target has changed

Splunk Performance and Capacity Analytics V0.1 Beta

  • Beta release of the Splunk Performance and Capacity Analytics element
  • Track Splunk resources on System Resources dashboard to quickly identify problematic trends and status of the Splunk environment
  • Identify and select roles for Splunk instances on an easy to use System Resources dashboard

STIG Compliance V1.8.0

  • New Update Vulnerability modal added to STIG Viewer dashboard that enables users to quickly update a single vulnerability
  • STIG Viewer dashboard updated with new target information design
  • Splunk users without proper capabilities will no longer be able to interact with the Edit Checklists dashboard
  • Filters on Edit Checklists dashboard now properly show targets with selected checklists as options

STIG TA V1.3.2

  • Prevent fields with empty values from being indexed

Atlas Version 3.4.3

Atlas V3.4.3 contains fixes for Federated Search Head deployments, in particular for Forwarder Awareness, Data Utilization, and Monitor. V3.4.3 also contains latest updates to the STIG Library from DISA.

Atlas Core V2.2.1

  • Resolved Federated Search Head deployment issues with Atlas Custom Search 'QueueSearches'. This previously caused Monitor and Data Utilization on Federated Search Head deployments paired with Splunk Cloud to raise erroneous errors.

Forwarder Awareness V2.1.7

  • Updated Forwarder Awareness searches to function with the current state of the Federated Search Head deployment to Splunk Cloud, re-enabling previously broken features such as Forwarder Status and alerting.
  • Forwarder Awareness now updates status of Splunk Forwarders on the 8th minute of every hour instead of the 0th. This will reduce possible concurrency issues in the environment.

STIG Compliance V1.7.2

  • Updated imbedded STIG Library with latest May update from DISA.

Atlas Version 3.4.2

Atlas V3.4.2 contains fixes for Search Library.

Search Library V1.2.1

  • Resolved issues found on Search Library and Pending Searches dashboards where custom searches created before V1.2.0 would not appear. Previously created custom searches will now appear on Search Library.

Atlas Version 3.4.1

Atlas V3.4.1 contains issue resolutions for Atlas Scheduling Assistant.

Scheduling Assistant V1.5.1

  • Resolved issues on the Scheduling Assistant dashboard where skipped searches were not being shown on the Skipped Ratio triage filters and the Skip Count & Skip Ratio columns of the Investigate Searches table.
  • Resolved issues on Scheduling Assistant dashboard where the triage filters were not capturing searches falling between the high and moderate thresholds.

Atlas Version 3.4.0

Atlas V3.4 introduces powerful new user workflows to Scheduling Assistant and Search Library while bringing numerous visual improvements and increased permission handling across the entire platform. Atlas users across the administrator, power user, and user roles will notice improved usability and performance throughout the entire platform. Users that do not have permissions to perform an action in Atlas are no longer presented with the option when using the platform.

Throughout the platform there have been many usability improvements and enhancements implemented that promise to improve the overall user experience. Many of the improvements implemented in this release were driven by Atlas customer requests and suggestions. Users will notice improved usability for all Atlas deployment scenarios.

  • Scheduling Assistant has been enhanced with an 'Acknowledge Search' feature that will allow users to mark scheduled searches as 'Acknowledged'. Acknowledged searches will be excluded from the Atlas scheduled search analysis, enabling users to focus on the searches that matter to them while they improve their Splunk scheduler health. Scheduling Assistant will now allow users to disable a scheduled search directly from the Atlas interface if you have permissions to do so. Usability improvements were also made to better assist users with invalid inputs when previewing search scheduling changes. Skipped search monitors now show any skips that have occurred in a specific time frame regardless of the number of times it skipped so that users can easily identify all skips that have occurred.

  • Search Library has a new workflow that allows searches to go into a 'Pending' state so that they can be reviewed before being published to the library. Searches created by non-administrative users will be directed to a Pending Searches dashboard, where Splunk administrators can promote these searches after they have been reviewed. Administrators can configure Scheduling Assistant to bypass the 'Pending Searches' workflow if they do not want to utilize it. New searches have been added to the Atlas Search Library that can be used to effectively troubleshoot any Splunk environment.

Search Library Custom Searches Known Issue

Custom searches created before Atlas V3.4 (Search Library V1.2.0) will not appear on any dashboard until Atlas V3.4.2 is installed. Reach out to Expertise on Demand for further assistance if needed.

Atlas Core V2.2.0

  • Atlas users who do not have Splunk permissions to view an app will no longer see the tile on Atlas Core
  • Non-admin users can no longer edit or view the Atlas license key
  • Action icons in tables are now smaller, reducing row height required to display data in larges tables
  • Action icons directing Users to other Atlas interfaces now have a unique hooked arrow icon to distinguish it from straight arrows that leave Atlas
  • Review the new Atlas Permissions and Capability Matrix to configure your Splunk environment to ensure that your users have the correct Splunk permissions and capabilities that are recommended for optimal Atlas usage

App Awareness V1.1.4

  • Fixes implemented to ensure that all user activity is accounted for when calculating App usage
  • KPI descriptions have been updated to be more clear about the data that is being displayed
  • Table names have been updated when viewing details about a specific application

Data Management 1.4.1

  • Splunk users are now directed to the Data Request dashboard if they lack capabilities to use Data Inventory dashboard so that they do not land on a page that they cannot see

Data Utilization 1.3.1

  • Updated logic to ensure that Data Utilization captures activity from Splunk Dashboard Studio 2.0 dashboards
  • Changed default table sort to show highest data ingest and lowest usage first

Forwarder Awareness V2.1.6

  • Updated the element so that it does not trigger Splunk warnings for MAP command on Splunk 9.0.4
  • Changed time formatting to better enable sorting of missing forwarders

Monitor V1.1.0

  • Splunk power users and Splunk users can now view Monitor's dashboards and see Data Watch telemetry
  • Element configuration page was updated for increased accuracy in distributed Splunk environments

Scheduling Assistant V1.5.0

  • Introduces the acknowledged search feature so that searches marked as acknowledged are not counted in investigation table KPIs, but are still present in the Scheduler Performance History chart
  • Skip Counts added to the investigation table so Atlas users can find and sort searches by raw skip count
  • Skip Ratio moderate KPI threshold reduced from above 2.5% to 0% skip rate
  • Invalid cron schedules now raise an alert to inform the user that they have entered invalid data
  • If the user provides data that is mismatched between the entered cron schedule and the inputted time range, a notification will now appear directing the user to correct the issue before a reschedule impact can be shown
  • When Atlas is deployed in "Search Peer deployment", users will no longer see the Disable Search button because that function does not work in that architecture
  • The Launch Search button now goes to the Splunk Search window instead of Splunk's report view
  • Updated the element so that it does not trigger Splunk warnings for MAP command on Splunk 9.0.4
  • Scheduler Information dashboard has been updated to not use an alert color scheme as that was not appropriate for the information displayed

Scheduling Inspector V1.1.6

  • The Launch Search button now goes to the Splunk Search window instead of Splunk's report view
  • On Search Peer deployments, users will no longer see Fix Search button as that does not work in that architecture

Search Library V1.2.0

  • 10 new Search Library searches added in the 'Troubleshooting' category that can be used to help identify common Splunk issues
  • Search Library searches created by Splunk Power Users are now sent to the Pending Searches queue and must be approved by a Splunk administrator so that everyone can see it
  • A new Splunk Macro called 'atlas_custom_search_default_status' was added that can be modified by a Splunk administrator to turn off the Pending searches workflow capability

STIG Compliance V1.7.1

  • Splunk Users and Power Users are notified if they lack proper Splunk Capabilities and Permissions to update a vulnerability

Atlas Version 3.3.1

Atlas V3.3.1 contains fixes for App Awareness and Scheduling Assistant.

Atlas Core V2.1.3

  • Resolved an issue with Splunk deployers being included in resource calculations and as a possible option in Search Head instance dropdown on Scheduling Assistant

App Awareness V1.1.3

  • Redesigned KPIs for increased accuracy by deprecating 'Total Users' KPI and instead identifying enabled and disabled Splunk app counts
  • Resolved Splunk app and dashboard utilization not tracking for React-based dashboards on Splunk 9.0.4

Atlas Version 3.3.0

Atlas V3.3 brings significant enhancements to the Data Utilization, Scheduling Assistant, and STIG Compliance Elements.

  • Data Utilization has been optimized to to increase stability and improve performance in most Splunk environments. With the previous version, in some Splunk environments, this Element did not perform as expected. The new version requires additional configuration steps that must be completed prior to use. A Configuration validation page has been added to simplify the setup of the Element to help you get Data Utilization up and running quickly. Expertise on Demand is available to help you upgrade this Element if you encounter any issues.

  • Scheduling Assistant has been redesigned to address performance issues and will perform better now in most Splunk environments. The most significant change to Scheduling Assistant is that scheduled search triage is easier than ever before using the new user interface. Users can quickly find the problematic searches in their environment because Scheduling Assistant will automatically identify them for you. The search schedule modeling and automated search updates are still available but have been optimized to help you find better search windows faster and easier. You can also now see the SPL of the search along with the associated performance metrics.

  • STIG Compliance has been enhanced to bring massive speed improvements throughout the entire Element. These performance increases should be noticeable on most user interfaces when loading data and visualizations. These performance improvements impact how the state data is stored in Splunk so there is an extra step required to perform an upgrade between older versions and the new version. Be sure to reach out to the Expertise on Demand team to get assistance with the upgrade procedures.

Atlas Core V2.1.2

  • Updated internal Atlas icon library to support new features in other Atlas Elements
  • Fixed issues related to Atlas Audit not properly capturing activity on Atlas Elements

App Awareness V1.1.2

  • Optimized supporting Splunk searches to improve overall performance and efficiency of the Element

Data Utilization V1.3.0

  • Data Utilization now leverages a summary index to improve search speed execution and store historical information. View this page to set up Data Utilization V1.3.0, or get help from Expertise on Demand
  • Data Utilization now has a configuration page to validate configuration settings and ensure the user has appropriate permissions to use all aspects of the Element
  • Added a 'Backfill' function to calculate and store historic data utilization metrics
  • Optimized supporting Splunk searches to improve overall performance and efficiency of the Element

Forwarder Awareness V2.1.5

  • Forwarder Awareness now functions consistently when there are more than 50 thousand Splunk Forwarders in the environment
  • Clicking a Forwarders Group tile no longer opens the Forwarder Report dashboard in a new page
  • Optimized supporting Splunk searches to improve overall performance and efficiency of the Element

Monitor V1.0.3

  • Custom Data Watches on Monitor no longer hit sub-search limits in large environments
  • Clicking a Monitor Group tile no longer opens the Monitor Report dashboard in a new page
  • Optimized supporting Splunk searches to improve overall performance and efficiency of the Element

Monitor TA V1.0.2

  • Moved index config file to default

Scheduling Assistant V1.4.0

  • Scheduling Assistant dashboard enhanced to reveal poor search performance and bad practice scheduled searches
  • Scheduling Assistant dashboard now shows historic scheduler performance
  • Buttons on Scheduling Assistant dashboard now enable viewing and running identified scheduled searches
  • Scheduling Assistant dashboard now showcases the SPL of selected scheduled searches
  • Scheduling Activity dashboard now has a modal for triggering Concurrency Investigations to reduce initial instance impact on load
  • Self Service email for fixing skipped searches enhanced with macros and more accurate language

Search Library V1.1.9

  • Optimized supporting Splunk searches to improve overall performance and efficiency of the Element

Splunk Migration Helper V1.0.4

  • Optimized underlying Splunk searches to improve overall performance and efficiency of the Element

STIG Compliance V1.7.0

warning

Upgrading STIG Compliance to version 1.7.0 from any older version requires additional steps to be taken before the upgrade process. Please reach out to your Expertise on Demand representative for assistance with this upgrade.

  • Implemented a new data storage scheme for state data to improve the overall performance of the Element
  • Comments and Finding Details now properly load in the Checklist Browser on the STIG Viewer dashboard
  • Clicking a System Tile no longer opens the System Compliance dashboard in a new page
  • STIG Compliance Configuration dashboard enable Admins to select what metric index they are utilizing

STIG TA V1.3.1

  • Improvements to Powershell script for Windows to address identified issues

Atlas Version 3.2.0

Atlas Core V2.1.1

  • Atlas Section banners on Atlas Core and Atlas Audit reduced in thickness
  • Edit Tile icon updated Atlas wide (seen on Forwarder Awareness, Monitor, STIG Compliance)
  • Atlas Audit dashboard time filter realigned to left side of dashboard

Data Management V1.4.0

  • Data Ownership Report created for showing ingest by ownership assigned in Data Inventory
  • Data Inventory shows owners and business units on the table without row expansion
  • Previous Data Watch functionality replaced by Atlas Monitor
  • Data Inventory now shows if a dataset has a corresponding Data Watch in Monitor
  • Fixed issue related to Source Type filtering on Index view showing numbers instead of source types

Monitor V1.0.2

  • Changed permissions for Data Management integration feature

Search Library V1.1.8

  • Fixed root path issues to ensure apps functions with any URL root prefix

Splunk Migration Helper V1.0.3

  • Fixed root path issues to ensure apps functions with any URL root prefix Fixed issues with app icon not populating in certain environments

STIG Compliance V1.6.0

  • Element now correctly exports large amounts of data on Export Data and Export Checklist dashboards
  • STIG Compliance can now ingest, report, and update checklists that utilize Sites and Instances. To integrate previous data that utilized Sites and Databases, follow these steps
  • Tables now correctly handle special characters
  • STIG Viewer dashboard no longer auto-selects the first Target in the list
  • Applying a Checklist on STIG Library to a pre-existing checklist on a target no longer updates all vulnerabilities to Not A Finding
  • Fixed issue related to STIG Compliance losing context when navigating to Update Vulnerability dashboard from STIG Viewer dashboard
  • Fixed Export Data page showing incorrect rule_status for vulnerabilities
  • Fixed issue related to updating a vulnerability with a SCAP result would sometimes dissociate the SCAP results from the vulnerability

Atlas Version 3.1.0

Atlas Core V2.1.0

  • Users can now add a custom logo to Atlas Core
  • New License warning banner
  • EULA will appear on every license apply

Data Management V1.3.10

  • Data Inventory ingest size labels now match content

Data Utilization V1.2.3

  • Updated logic for capturing utilization in more environments

Forwarder Awareness V2.1.4

  • New icon for Forwarder Alert Disabled to increase visibility
  • Fixed Source Type search on Forwarder Awareness Report dashboard

Monitor V1.0.1

  • Fixed Empty Latest/Earliest columns on Monitor Report dashboard
  • Fixed time charts on Monitor Report only containing one event
  • Fixed issues that occurred on creating Data Watches on empty data streams
  • Additional logical fixes to increase Monitor stability

Monitor TA V1.0.1

  • Created to define Metric Index on the Index Layer

Scheduling Assistant V1.3.8

  • Empty panels hidden on Scheduling Assistant dashboard

Scheduling Inspector V1.1.5

  • Fixed broken token logic

Search Library V1.1.7

  • Fixed line breaks on Search Activity dashboard

Splunk Migration Helper V1.0.2

  • Fixed Utilization logic to capture more environments

STIG Compliance V1.5.0

  • User can now add custom checklists not included in the STIG Library
  • Data no longer ages out for health scores & statuses
  • Vulnerability Statuses can be locked in to prevent overwrites by more recent data
  • Additional Row Expansions added to tables on STIG Compliance Overview dashboard
  • Speed improvements on dashboards
  • STIG Viewer dashboard now focuses on a single Target at a time
  • Ability to rename Systems after they are created
  • STIG Library Version now displayed on STIG Library dashboard
  • Vulnerability Categories now display on STIG Library dashboard
  • Additional bug fixes

STIG TA V1.3.0

  • Additional ingest edge cases accounted for

Atlas Version 3.0.0

Atlas Core V2.0.0

  • Implemented a new Atlas Core App which introduced a new user experience
  • Create your own Splunk Home Page

App Awareness V1.1.1

  • Logging improvements

Data Management V1.3.9

  • Logging improvements
  • Bug fixes on modals

Data Utilization V1.2.2

  • Splunk 9 compatibility updates
  • Filter to search data sets in utilization report
  • Logging improvements

ES Helper V1.2.5

  • Logging improvements

Forwarder Awareness V2.1.3

  • Added Silence Alarm capability on a per Forwarder basis
  • Fixed visualization titles not appearing
  • Forwarder Awareness logic improvements
  • Logging improvements
  • CSS update to match Atlas Core

Monitor V1.0.0

Scheduling Assistant V1.3.7

  • Works with Federated Search Heads
  • Logging improvements

Scheduling Inspector V1.1.4

  • Works with Federated Search Heads
  • Logging improvements

Search Library V1.1.6

  • Fixed SPL of certain searches
  • Splunk 9 compatibility updates
  • Logging improvements

Splunk Migration Helper V1.0.1

  • Works with Federated Search Heads
  • Splunk 9 compatibility updates
  • Logging improvements
  • KPI logic and label improvements

STIG Compliance V1.4.3

  • Formatting improvements

STIG TA V1.2.1

  • Exception handling improved to prevent host overwriting

SCAP TA V1.2.1

  • Edge case covered for host labeling
  • Added "Index=" to configuration file template