Data in index but reports are empty

ewille2 · ‎03-18-2014

I have installed Splunk for Symantec, have syslog data populating the index, source set to sep12:log but the application reports are empty. Any thoughts?

ewille2 · ‎03-18-2014

The app is being run as my account which has access to everything. Should note, we are still running on the free version.

ewille2 · ‎03-18-2014

The app is being run as my account which has access to everything. Should note, we are still running on the free version.

KarunK · ‎03-18-2014

Have a look at the permission of the index. Does the user allowed access the index ???

If not add the index to the role in which the user is in.

Access controls » Roles »

ewille2 · ‎03-18-2014

The app is being run as my account which has access to everything. Should note, we are still running on the free version.

Data in index but reports are empty

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Are you a member of the Splunk Community?

Data in index but reports are empty

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...