Re: Splunk Fundamental Module 4 Lab

supyaetun · ‎03-12-2021

After uploading the 3 files as per the instructions, I am supposed to see my events but there is nothing on the page even when I am logged in as admin or power user.

etmaurer · ‎07-16-2021

Same here...uploaded 3 files into Splunk w/o issue but they don't appear as having been so as nothing to search upon. Expanded data to "all time" as well.

Ed in Tampa

etmaurer · ‎07-19-2021

Ok, found an email address to Splunk Education team (elearn@splunk.com) ...and submitted my question; here is the response:

"Hello Ed,

You may proceed to the next module/lab. The information indicating the number of events to indexed does not appear on this page in this version of Splunk.

Mike Halladay

IOD Technical Support Engineer"

I have since been able to perform a search & find data from these 3 lab files. BTW, I'm running the Windows version on my desktop.

Hope this helps somebody, I could have used this guidance last week.

Ed in Tampa

aasabatini · ‎03-12-2021

Hi,

try to expand your timerange and if you don't specify the index name splunk automatically puts your data on the index=main.

“The answer is out there, Neo, and it’s looking for you, and it will find you if you want it to.”

Splunk Fundamental Module 4 Lab

index

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Join the Conversation

Splunk Fundamental Module 4 Lab

index

[Puzzles] Solve, Learn, Repeat: Dynamic formatting from XML events

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...