Monitoring Splunk
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Why is DMC showing servers "unknown" on overview page?

AzmathShaik
Path Finder
‎08-11-2023 12:51 PM

Screenshot 2023-08-11 at 3.46.52 PM.pngHello Splunkers

we recently upgraded our splunk distributed deployment from 8.2.9 to 9.0.5.1. After upgrade our splunk servers are started show under unknown category. 

it's pretty much impacting all the dashboards in monitoring console. below is the error 

"Streamed search execute failed because: Error in 'prerest' command: You do not have a role with the rest_access_server_endpoints capability that is required to run the 'rest' command with the endpoint=/services/server/status/limits/search-concurrency?count=0. Contact your Splunk administrator to request that this capability be added to your role.."

please let me know what can i do to bring the views back to normal. 

 

Thanks in advance

Labels (3)
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎08-11-2023 01:44 PM

Hi

based on that error message you are needing a role which have rest_access_server_endpoints capability. Ask that your splunk admins add role which contains this capability or ad this to your current role.

r. Ismo

0 Karma
Reply

AzmathShaik
Path Finder
‎08-11-2023 02:00 PM

@isoutamo i have verified the capabilities. i assume this is a capabilities that need to be added to admin role. or do i need to create new role. 

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎08-12-2023 09:18 AM

As admin user should see those dashboards, you could add that capability to admin role.

0 Karma
Reply
Get Updates on the Splunk Community!

What the End of Support for Splunk Add-on Builder Means for You

Hello Splunk Community! We want to share an important update regarding the future of the Splunk Add-on Builder ...

Solve, Learn, Repeat: New Puzzle Channel Now Live

Welcome to the Splunk Puzzle PlaygroundIf you are anything like me, you love to solve problems, and what ...

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...