All Apps and Add-ons

fire brigade 2 issues



I installed fire brigade 2 and the ta on a search-head, running Splunk 6. Very little data is appearing - the host drop-down is always empty, and the index drop-down has a message under it that says "Could not create search". Is there something else that needs to be done?

Tags (1)
0 Karma


FYI, Fire Brigade version 2 will no longer be updated (latest version is 2.0.3). The newer versions 2.0.4 and higher will now be available with the original “Fire Brigade” app on Splunkbase which was just updated to support Splunk 6.3. This is noted on the page for Fire Brigade on Splunkbase:

If you have any questions, ping the developer of the app @sowings


0 Karma

Path Finder

The TA will have 2 saved searches, you can use the S&R manager to make sure these are firing, and run them manually to test. In fact, you might want to lift them from the saved search and run them manually on the searchbar just to make sure they are producing the expected output.

Regarding the host menu and index dropdown, those are tied to a separate saved search in the main Fire Brigade can also test/manually run this search to populate that dropdown.

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...