This fix will be deployed to all cloud stacks on Thursday, June 5, 2025, between 1:00 AM and 3:00 AM local stack time. On-premises customers will receive the updated release for download on June 5, 2025 (PDT).
If you wish to apply the workaround before the scheduled fix is deployed, you can do so by following the steps below: - Open the affected playbook in the Visual Playbook Editor (VPE). - Manually review and adjust the join settings (check/uncheck as needed). - Save the playbook to apply the changes.
Teams will now begin their root cause analysis. If you believe that you are still impacted by this issue please contact customer support and reference CINC-61075.
Posted Jun 03, 2025 - 22:02 UTC
Update
Splunk has identified an issue in SOAR version 6.4.1 where Playbooks may appear to load correctly but failing in backend execution. A fix is in progress, and no immediate action is required from customers.
As a workaround, to mitigate the impact:
- Open the playbook in the Visual Playbook Editor (VPE)
- Manually review and adjust the join settings (check/uncheck as needed)
- Save the playbook to apply the changes
We appreciate your patience and will share further updates as the fix is implemented.
Posted May 31, 2025 - 06:35 UTC
Identified
Hello,
Splunk Cloud customers using the SOAR platform may be impacted by Playbooks appearing to load but backend logic failing.
We have identified the source of the issue in version 6.4.1 and are currently working on implementing a fix. At this time, there is no further action needed from customers.
There is an active workaround to mitigate impact:
- Open the playbook in the Visual Playbook Editor (VPE). - Manually review and adjust the join settings (check/uncheck as needed). - Save the playbook to apply the changes
Your patience is greatly appreciated and we will provide more updates as we implement the fix.