15.8 and above.

Found out the user who made the change by querying audit log table as below.

select * from auditlog where detail like '%<Incident_ID>%' and action = 'Status Changed' order by time; 

Where <Incident_ID> is the incident ID of the incident which is missing status change in history tab.

From tomcat logs it was found that the user had made status change on 4,274,096 incident(s) at once and due to this enforce ran out of memory.

17 Dec 2022 20:28:42,628- Thread: 128 INFO [com.vontu.manager] User "xyz" initiated incident action "Status Changed" for 4,274,096 incident(s).

Due to the enforce running out of memory, status change was not written to the incident history for multiple incidents.

There are significant warnings given when a user selects to update millions of incidents and is not recommended.

Although out of memory issue depends on hardware configuration and current load on enforce, users should be educated not to update millions of incidents at once.