- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
web activity dashboard
Hi,
Currently all my dashboards are working except the web activity dashboard. I only have a few results and I have been checking frequently.
i found this thread here about it - https://answers.splunk.com/answers/684808/palo-alto-networks-app-why-is-our-web-activity-das.html
if i run a search eventtype="pan_threat", i get a lot of results for the default time (4 hours), but it doesnt seem to be reflected in the dashboard.
any ideas what i should be looking at?
i've looked at the troubleshooting steps located here - https://splunk.paloaltonetworks.com/firewalls-panorama-and-traps.html
Everytime seems to be fine.
I do get data on the dashboard, but doesn't seem to match up on the search
Thanks in advance for your help.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i've doubled check this section as well.
https://splunk.paloaltonetworks.com/troubleshoot.html#dashboards-not-working
only pan_firewall datamodel is built, but i think thats all i need.
i have configured props.conf to set the index to my timezone - that is fine.
i've also configured that my inputs is set to palo:log
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
this is my exact search query
index=palo eventtype="pan_threat"
all my palo devices send via tcp to an index called "palo"
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are you using user input tokens for the time? Would you be able to post the search that you're running?
