All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

web activity dashboard

ewongpsc
Explorer
‎05-15-2019 07:30 AM

Hi,

Currently all my dashboards are working except the web activity dashboard. I only have a few results and I have been checking frequently.

i found this thread here about it - https://answers.splunk.com/answers/684808/palo-alto-networks-app-why-is-our-web-activity-das.html

if i run a search eventtype="pan_threat", i get a lot of results for the default time (4 hours), but it doesnt seem to be reflected in the dashboard.

any ideas what i should be looking at?

i've looked at the troubleshooting steps located here - https://splunk.paloaltonetworks.com/firewalls-panorama-and-traps.html
Everytime seems to be fine.

I do get data on the dashboard, but doesn't seem to match up on the search

Thanks in advance for your help.

Reply

ewongpsc
Explorer
‎05-15-2019 10:48 AM

i've doubled check this section as well.

https://splunk.paloaltonetworks.com/troubleshoot.html#dashboards-not-working

only pan_firewall datamodel is built, but i think thats all i need.

i have configured props.conf to set the index to my timezone - that is fine.

i've also configured that my inputs is set to palo:log

0 Karma
Reply

ewongpsc
Explorer
‎05-15-2019 07:59 AM

this is my exact search query

index=palo eventtype="pan_threat"

all my palo devices send via tcp to an index called "palo"

0 Karma
Reply

betchim_gerwili
Explorer
‎05-15-2019 07:56 AM

Are you using user input tokens for the time? Would you be able to post the search that you're running?

0 Karma
Reply
Get Updates on the Splunk Community!

New This Month in Splunk Observability Cloud - Metrics Usage Analytics, Enhanced K8s ...

The latest enhancements across the Splunk Observability portfolio deliver greater flexibility, better data and ...

Alerting Best Practices: How to Create Good Detectors

At their best, detectors and the alerts they trigger notify teams when applications aren’t performing as ...

Discover Powerful New Features in Splunk Cloud Platform: Enhanced Analytics, ...

Hey Splunky people! We are excited to share the latest updates in Splunk Cloud Platform 9.3.2408. In this ...