Splunk Enterprise Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

An error while exporting a Data Model to Phantom

obyazov
New Member
‎08-16-2018 08:37 AM

Hello,

I'm trying to export a Data Model from Splunk Free to Phantom using Phantom App. After configuring the necessary fields and clicking Save and Close I get an Error:

Error talking to splunk: POST /servicesNS/nobody/phantom/saved/searches/: status code 400: {"messages":[{"type":"ERROR","text":"Argument \"action.script\" is not supported by this handler."}]}

Does anyone encounter the same problem? Or maybe somebody knows where to look at to solve the problem.

0 Karma
Reply

mattsvensson
Engager
‎11-15-2018 01:24 PM

ever get an answer?

0 Karma
Reply

mattsvensson
Engager
‎11-15-2018 07:15 PM

I'm thinking that it's something about being on the free version now and not being able to set permission on the app/index.

0 Karma
Reply
Get Updates on the Splunk Community!

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...