Hi, I'm trying to get the Splunk App for Web Analytics to work and am having trouble with the Web data model acceleration.

Currently when viewing the Analytics Center and Audience tabs I get 'No results found'. After some investigating this is because the Web.eventtype=pageview part of the SPL query that runs is not returning any results (when I examine the search and remove this part results are returned). When I look at the events in the datamodel via Pivot there are no events where this is true, in fact the Web.eventtype field is empty for all events in the data model. Note: this is when the data model is accelerated.

When I turn off acceleration I can see that the field 'eventtype' in the data model is created by an auto-extracted field. I can then go to the edit page of the eventtype field and preview the output of the extraction, then the eventtype field is populated as expected. I can check this through a Pivot again and the values for the eventtype field values are still present.

I can't work out why the field values disappear when enabling data model acceleration. I'm only working on a small data set currently for testing (<10Mb) and have given 2+ hours for the data model acceleration to be built. I have also generated the lookup tables required by the App a number of time, so that is not the issue.

I am using v2.2.2 of the App and Splunk v8.0.2. I believe I have the App set up correctly as the Real Time tab is showing data. I also breifly was able to view data on the Analytics Center and Audience tab yesterday but can't work out what changes caused this to occur!

Edit: When I runthe Data Model Audit I get the following errors on the Top Accelerations visualizations:

[map]: Failed to fetch REST endpoint uri=https://127.0.0.1:8089/servicesNS/nobody/SplunkAppForWebAnalytics/admin/summarization/tstats:DM_SplunkAppForWebAnalytics_myWeb?count=0 from server https://127.0.0.1:8089. Check that the URI path provided exists in the REST API.