All Apps and Add-ons

Technology Add-on for pfSense Version 2.2.0 - 4 errors occurred while the search was executing

johnny21
Path Finder

Installed TA Addon Version 2.2.0 and it is almost working but get the error below, not sure exactly how to correct.

4 errors occurred while the search was executing. Therefore, search results might be incomplete. Hide errors.
Could not load lookup=LOOKUP-filterlog_action
Could not load lookup=LOOKUP-filterlog_tcpflags
Could not load lookup=LOOKUP-filterlog_transport
Could not load lookup=LOOKUP-openvpn_action

0 Karma
1 Solution

my2ndhead
SplunkTrust
SplunkTrust

Due to changes in the add-on build process the lookups were missing. Fixed in 2.2.1.

View solution in original post

0 Karma

Ledge39
Engager

I'm also having the same problem.

Any help would be great.

0 Karma

R0okey
New Member
  • Trying to install this integration for pfsense 2.5 and I’m getting the same errors. Any advice?
4 errors occurred while the search was executing. Therefore, search results might be incomplete.
  • Could not load lookup=LOOKUP-filterlog_action
  • Could not load lookup=LOOKUP-filterlog_tcpflags
  • Could not load lookup=LOOKUP-filterlog_transport
  • Could not load lookup=LOOKUP-openvpn_action
0 Karma

my2ndhead
SplunkTrust
SplunkTrust

Due to changes in the add-on build process the lookups were missing. Fixed in 2.2.1.

0 Karma

kenzo1234
Observer

with splunk 8.2.1, pfSense 2.5.1

installed app ta_pfsense 2.5.0

I get those 4 errors as well. what can I do to fix it. 

0 Karma

fattylewis
Engager

Grab version 2.2.1 and copy the lookups directory from it and put it into 2.2.0 apps/TA-pfsense directory.

nervatan
Observer

I'm having the same problem with version 2.5.0 

0 Karma

o0chris0o
New Member

Did you figure out what was wrong?  I have the same problem with 2.5.0 and Splunk 8.2.0. I use universal forwarder on my pfsense to get the data in Splunk.

0 Karma

fattylewis
Engager

Download version 2.2.1 from splunkbase and grab the lookups directory from it and put it in the apps/TA-pfsense directory.

Worked for me just now.

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In September, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...