splunk error message when launch splunk web

bwenge · ‎02-28-2011

When I launch Splunk web interface,I get next message.How to fix it?

"received event for unconfigured/disabled index='_audit' with source='source::audittrail' host='host::myhostname' sourcetype='sourcetype::audittrail'.

Ron_Naken · ‎02-28-2011

Click Manager-->Indexes, then "Enable" the _audit index. It should then be fixed when you restart Splunk.

splunk error message when launch splunk web

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.Find out what your skills are worth! Read the report >

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!

Read the report >