All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

web activity dashboard

ewongpsc
Explorer
‎05-15-2019 07:30 AM

Hi,

Currently all my dashboards are working except the web activity dashboard. I only have a few results and I have been checking frequently.

i found this thread here about it - https://answers.splunk.com/answers/684808/palo-alto-networks-app-why-is-our-web-activity-das.html

if i run a search eventtype="pan_threat", i get a lot of results for the default time (4 hours), but it doesnt seem to be reflected in the dashboard.

any ideas what i should be looking at?

i've looked at the troubleshooting steps located here - https://splunk.paloaltonetworks.com/firewalls-panorama-and-traps.html
Everytime seems to be fine.

I do get data on the dashboard, but doesn't seem to match up on the search

Thanks in advance for your help.

Reply

ewongpsc
Explorer
‎05-15-2019 10:48 AM

i've doubled check this section as well.

https://splunk.paloaltonetworks.com/troubleshoot.html#dashboards-not-working

only pan_firewall datamodel is built, but i think thats all i need.

i have configured props.conf to set the index to my timezone - that is fine.

i've also configured that my inputs is set to palo:log

0 Karma
Reply

ewongpsc
Explorer
‎05-15-2019 07:59 AM

this is my exact search query

index=palo eventtype="pan_threat"

all my palo devices send via tcp to an index called "palo"

0 Karma
Reply

betchim_gerwili
Explorer
‎05-15-2019 07:56 AM

Are you using user input tokens for the time? Would you be able to post the search that you're running?

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...