All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Is there any set up steps for the Splunk Add-on for Box on Search Head servers?

lyanta
Explorer
‎12-18-2015 08:27 AM

I installed the Splunk Add-on for Box on my heavy forwarder and search head servers. Per the documentation, I configured the app on my heavy forwarder to retrieve events from Box.

While viewing the objects for the Splunk Add-on for Box using the search head server Splunk web app, I noticed there are several panels. How do I make the app visible on the search head servers to obtain access to these panels without needing to perform the setup that retrieves events from Box?

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

lyanta
Explorer
‎12-28-2015 11:38 AM

I figured out my problem. I needed to update the permissions for the app to be available for all applications. After doing this, the panels were available in the dashboard editor to be added to a custom dashboard.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

lyanta
Explorer
‎12-28-2015 11:38 AM

I figured out my problem. I needed to update the permissions for the app to be available for all applications. After doing this, the panels were available in the dashboard editor to be added to a custom dashboard.

0 Karma
Reply
Solved! Jump to solution

jkat54
SplunkTrust
SplunkTrust
‎12-20-2015 03:49 AM

The documentation says you just install the addon on the heavy forwarder and the search head.

My hunch is your dashboards need the correct index name in their searches. You might have to edit a macro being used by the app to specify the correct index(es). From what I can tell you specify the index when you configure the inputs. So somewhere you've got to align those prebuilt dashboard searches with the index name you used. Maybe you specified one name and then changed it after setup, etc... check your macros in the app and the underlying searches to be sure they're configured for the correct index(es).

http://docs.splunk.com/Documentation/AddOns/latest/Box/Install

Install the Splunk Add-on for Box
Specific installation notes for this add-on
**In a distributed deployment, install the Splunk Add-on for Box to your search heads and heavy forwarders.**

If that doesnt fix it, please open a "broken" dashboard panel in search and look at the job inspector for search.log etc. and update this post any errors and warnings you see.

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...