All Apps and Add-ons

Splunk Security Essential not loading correctly

promisingbank
Engager

Hi,

I am building a lab environment, loaded with the boss of the soc pre-indexed data. I installed all the apps, and everything was working. I needed to restore my VM from a previous snapshot, though, and my Splunk Security Essentials stopped loading. I found community recommendations to _bump recommendation in the splunk community article "why-does-the-splunk-security-essentials-app-has-mi" (not enough karma to post the link) Number One: Most Likely
The most common culprit for this is a core bug with refreshing static assets. To get around this, run a _bump by browsing to http://yoursplunk:8000/en-US/_bump and click the button.

I also tried removing the app from /opt/splunk/etc/apps/ and reinstalled it. "

Is there something else I can try to restore SES?
alt text

jamesjarrett
Path Finder

Try this fix:
| inputlookup SSE-default-data-inventory-products.csv
| outputlookup data_inventory_products_lookup

it wipes any manual stuff you have already done, but the next time you try it actually works. Its worth a try.

0 Karma

ssadanala1
Contributor

whhich version of sse is it ?3.0.6 ?

0 Karma

GDustin
Path Finder

me too; v.3.1.0

0 Karma
Get Updates on the Splunk Community!

Dashboards: Hiding charts while search is being executed and other uses for tokens

There are a couple of features of SimpleXML / Classic dashboards that can be used to enhance the user ...

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

This is the fourth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how ...

Brains, Bytes, and Boston: Learn from the Best at .conf25

When you think of Boston, you might picture colonial charm, world-class universities, or even the crack of a ...