Skip to main content
Panther Knowledge Base

Getting the error message "Bulk upload failed to update an analysis item" when uploading a rule via the Bulk Uploader in Panther

  1. Last updated
  2. Save as PDF

Issue

I am getting the error message "Bulk upload failed to update an analysis item" when uploading a rule via the Bulk Uploader in Panther. 

Resolution

To resolve this issue:

  1. Please ensure that the ruleID of the rule you are trying to upload is unique and hasn't already been used in your active detections.
  2. If you find out that the ruleID is already in use, please change it and try to upload your rule again. Note that the old, existing rule has to be deleted before uploading the new rule, to avoid duplications.
    • If you change a RuleID, the original rule does not get updated; Panther interprets this as a brand new rule.
  3. If the ruleID is indeed unique and you are still experiencing this issue, please contact Panther Support.

Cause

The reason that the error message appears in the Panther Console is likely due to uploading a rule with a ruleID that already exists in the rules that have previously been created. To check for this:

  1. In the Panther Console, navigate to Build > Detections.
  2. Type the ruleID of the rule you are trying to upload in the search field and see if any results are returned.