All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why is Splunk Add-on for Unix and Linux 8.6 missing lookups?

Markt13
Engager
‎07-23-2022 09:24 AM

I believe the 8.6 version is missing a few default lookups. I receive an error about unable to find "nix_fs_notification_change_type" lookup whenever we search.  if you look at the doc and compare it to the \Splunk_TA_nix\lookups dir, there are at least 5 lookups missing.  In 8.5 all 10 lookups are present. 

https://docs.splunk.com/Documentation/AddOns/released/UnixLinux/Lookups.

I suggest maybe copying the missing lookups or just staying on 8.5. 

Labels (2)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Classroom Chronicles: Training Tales and Testimonials (Episode 2)

Welcome to the "Splunk Classroom Chronicles" series, created to help curious, career-minded learners get ...

Index This | I am a number but I am countless. What am I?

January 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  Happy New Year! We’re ...

What’s New in Splunk Enterprise 9.4: Tools for Digital Resilience

PLATFORM TECH TALKS What’s New in Splunk Enterprise 9.4: Tools for Digital Resilience Thursday, February 27, ...