Both the Splunk for QualysGuard app and the Splunk for Palo Alto Networks app use something called Paxheaders and both of them throw errors at startup that prevent a clean restart.

What is Paxheaders? Why is it bundled with these apps? How do I troubleshoot it?

Here are some sample errors:

Error while parsing 'c:\program files\splunk\etc\apps\SplunkforPaloAltoNetworks\
default\data\ui\views\PaxHeader\system_overview.xml':
syntax error: line 1, column 0

Error while parsing 'c:\program files\splunk\etc\apps\SplunkforPaloAltoNetworks\default\data\ui\views\PaxHeader\threat_overview.xml':

syntax error: line 1, column 0

Error while parsing 'c:\programfiles\splunk\etc\apps\SplunkforPaloAltoNetworks\default\data\ui\views\PaxHeader\traffic_overview.xml':
syntax error: line 1, column 0

Error while parsing 'c:\program files\splunk\etc\apps\SplunkforPaloAltoNetworks\default\data\ui\views\PaxHeader\url_filtering.xml':
syntax error: line 1, column 0

Error while parsing 'c:\program files\splunk\etc\apps\SplunkforPaloAltoNetworks\default\data\ui\views\PaxHeader\web_req.xml':
syntax error: line 1, column 0

Error while parsing 'c:\program files\splunk\etc\apps\SplunkforPaloAltoNetworks\default\data\ui\views\PaxHeader\web_usage_report.xml':
syntax error: line 1, column 0

We're running 4.3.1.

Thx.

Craig