Re: Splunk Fundamental Module 4 Lab

supyaetun · ‎03-12-2021

After uploading the 3 files as per the instructions, I am supposed to see my events but there is nothing on the page even when I am logged in as admin or power user.

etmaurer · ‎07-16-2021

Same here...uploaded 3 files into Splunk w/o issue but they don't appear as having been so as nothing to search upon. Expanded data to "all time" as well.

Ed in Tampa

etmaurer · ‎07-19-2021

Ok, found an email address to Splunk Education team (elearn@splunk.com) ...and submitted my question; here is the response:

"Hello Ed,

You may proceed to the next module/lab. The information indicating the number of events to indexed does not appear on this page in this version of Splunk.

Mike Halladay

IOD Technical Support Engineer"

I have since been able to perform a search & find data from these 3 lab files. BTW, I'm running the Windows version on my desktop.

Hope this helps somebody, I could have used this guidance last week.

Ed in Tampa

aasabatini · ‎03-12-2021

Hi,

try to expand your timerange and if you don't specify the index name splunk automatically puts your data on the index=main.

“The answer is out there, Neo, and it’s looking for you, and it will find you if you want it to.”

Splunk Fundamental Module 4 Lab

index

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Mile High Learning with Splunk University, Denver, Colorado

IT Service Intelligence 5.0 Series: Your Guide to the June Launch

Agent Mode Engaged! Enchaining Agentic Operations with Splunk AI Assistant 2.0

Join the Conversation