On the 'Search & Reporting' screen, I can see that there are events coming in. When I click on the 'Data Summary' button, the 'Data Summary' window comes up. When I click on a Host to view the details of the associated events, I end up receiving the following error message.
Error in 'litsearch' command: Your Splunk license expired or you have exceeded your license limit too many times. Renew your Splunk license by visiting www.splunk.com/store or calling 866.GET.SPLUNK.
I clicked on 'Settings > Licensing' and confirmed that my server is configured to use licenses from the Free license group. Can someone provide more insights as to how to get around the error message?
How much data have you indexed? If you have indexed more than 500MB per day for more than 5 of the last 30 days then you have violated the license terms. You need to reduce the amount of data onboarded and wait for the violations to lapse. Or you can buy a bigger license.
--- If this reply helps you, an upvote would be appreciated.