All Apps and Add-ons

how to work the PaloAlto App with ver 5.3.1 in splunk 7.0.1

Shuhei052492
Path Finder

Hi,

I would like to know how to work "Palo Alto Networks App for Splunk" in Splunk version 7.0.2, which version is 5.3.1.
I have already install "Palo Alto Networks Add-on for Splunk" which version is 3.7.1.

pan_traffic and pan_threat could be searched and show the folowing fields.
eventtype=pan
eventtype=pan_threat
eventtype=pan_traffic

Additionally, these datamodels which are "Palo Alto Networks Firewall Logs" and "Network Traffic" have been acceleration.

But this app is not working...
I have known that SplunkBase show this version is not applied with Splunk 7.x.

Actually I would like not to change this version, because these visualisation would be changed a lot.
Are there any way to use this app version? Or Do I have to change the app version which is over6.0.x.?
If someone counl work this app version fine in same case, please let me know which settings you changed. Also please check whether you are getting these error.

Error message1:
File "/opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/lib/common.py", line 182, in exit_with_error
Error message2:
2018-02-26 13:08:01,026 +0900 ERROR common:182 - File "/opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/retrieveWildFireReport.py", line 143, in

If you need more info to solve this issue, please let me know.
I appreciate any anwers.

Best regard,

0 Karma
1 Solution

HiroshiSatoh
Champion

Although it may not be the answer ...
In my environment, old APP is running.

View solution in original post

HiroshiSatoh
Champion

Although it may not be the answer ...
In my environment, old APP is running.

Shuhei052492
Path Finder

Thanks a lot!
In my environment, this app also work!

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...