Dashboards & Visualizations
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk for Symantec-Dashboard is Blank

raidercom
Communicator
‎05-08-2013 11:58 AM

Hi:
I've got Splunk for Symantec App installed, and the input.conf files pushed to the SEPM server with the Splunk Universal Forwarder forwarding the SEPM logs to Splunk with the default input.conf. I also setup SEPM (12) to 'Export Logs to a Dump File', with all of the options set on 'Log Filter'.

I can see that Splunk has data from some of the data sources (sep12:agent and sep12:system), but when I go to the Splunk for Symantec App, the dashboard is blank, as are any of the reports that are built in. Have I done something wrong that is causing Splunk to not index the log files properly?

SEPM 12.1.1101.401
Server 2003 (x86) Standard SP2

Thanks for any assistance you could provide.

Tags (1)
0 Karma
Reply

danielchung
New Member
‎05-31-2013 12:57 AM

I'm having the same issue and have posted here , looks like it has to change the index to make it works but don't know how to do it.

0 Karma
Reply
Get Updates on the Splunk Community!

Index This | Why did the turkey cross the road?

November 2025 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Feel the Splunk Love: Real Stories from Real Customers

Hello Splunk Community,    What’s the best part of hearing how our customers use Splunk? Easy: the positive ...