Splunk Cisco Networks App not displaying results

coffeetech · ‎02-08-2019

I have installed the Cisco network app version 2.5.6 and the additional Cisco add-on in splunk, and it's failing to show any results. I am receiving syslogs from the cisco switches via the results query tab, but when I the click the separate"cisco networks" tab in the left side of the splunk application and go inside it, there is nothing to show. All of the columns show this error;

                   Error in 'TsidxStats': WHERE clause is not an exact query

Don't really know what this means or how I am suppose to fix this issue. Any help would be appreciate. Thank you.

vinod94 · ‎02-12-2019

Hi @coffeetech ,

Have you tried rebuilding the data model? if not, you can try so.

Go to settings>under Knowledge - Data models . Search for Cisco_ios_event. Expand (>)and you will see an update and rebuild option.

If it still doesn't work, you can try this - try mentioning the index name(your index) if its not present in the eventtypes and macros.

Splunk Cisco Networks App not displaying results

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

May 2026 Splunk Expert Sessions: Security & Observability

Join the Conversation

Splunk Cisco Networks App not displaying results

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Design, Compete, Win: Submit Your Best Splunk Dashboards for a .conf26 Pass

May 2026 Splunk Expert Sessions: Security & Observability