Join the Conversation
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- All Apps and Add-ons
- :
- Re: Splunk App for Web Analytics and Splunk Weblog...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We installed these apps on our search head. We followed the instructions installing Splunk Weblog Add-on and it is enable, Sourcetype for our data is iis. The host and source don't show in the Available host and source combinations. I can manually search from the Splunk search app and see the data is there, but the Lookups come back with 0 records found.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
As is tums out, the role we are in did not have the correct searching capabilities in Splunk. We needed to add All non-internal indexes to the Selected indexes in Access controls » Roles » [ROLE NAME]. We only had MAIN selected. Once we added that, we were able to see data.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I had some problems too.
I configured the app, with 3 months of data, and I also accelerated the dataset without any problem, but when I go to Analytics dashboard, I can see only the data for the current day.
The "generate user sessions" and "generate pages" lookups ran successfully displaying the entire period of 3 months.
Any idea about this odd behaviour ?
thanks,
Fausto
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
As is tums out, the role we are in did not have the correct searching capabilities in Splunk. We needed to add All non-internal indexes to the Selected indexes in Access controls » Roles » [ROLE NAME]. We only had MAIN selected. Once we added that, we were able to see data.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Self-experience: Even if you're using the admin account, you have to add All non-internal indexes and All internal indexes to Indexes searched by default.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi hoopydave
The search powering the panel in the Website configuration looks like this:
| tstats prestats=t count where index=* by host,source | stats count AS events by host, source | search host=*"*"* OR source=*"*"*
Make sure that the search returns something. If not, can you try and running the search:
tag=web
and see if that returns something.
Please note that Splunk app for Web Analytics will only work on Splunk version 6.2 and higher.
j
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Announcing Modern Navigation: A New Era of Splunk User Experience
Modernize your Splunk Apps – Introducing Python 3.13 in Splunk
Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...
