I've setup Cisco NVM for Splunk exactly as per the comprehensive installation guide on the Cisco website but my NVM Dashboard in Splunk is still showing "No Results Found" for every panel.

I have done/confirmed the following:

• Created an NVM XML client profile within ASDM on my Anyconnect ASA pointing my clients to a collector server on port 2055

• Configured the deployment of the NVM module to the end clients via ASDM (which i can confirm is installing on my clients as "Network Visibility" under "Installed Modules" on the Anyconnect information section)

• Created a Ubuntu collection server using the CiscoNVMCollector_TA zip file, edited the acnvm.conf file to point towards my Splunk Syslog server IP on ports 20519, 20520 and collector port 2055 (defaults) and ran the install.sh script.

• Confirmed "acnvmcollectord" service is running correctly on collection server after installation and completely turned off the ubuntu firewall

• Installed the Cisco NVM app on my Splunk server, restarted Splunk service and checked correct ports are setup to listen as per the above configuration (which i knew they were anyway as my other apps work)

AND

• Ran a wireshark capture on clients and can see IPFIX traffic been sent to my collector server

• Ran wireshark capture on collector server and can see incoming IPFIX traffic from clients and outgoing SYSLOG traffic forwarded onto Splunk Syslog server

• Ran wireshark capture on Splunk server and can see incoming SYSLOG traffic from collector server.

All this, and yet my Cisco NVM App dashboard in Splunk still shows "No Results Found"

Im at a complete loss.