Splunk Enterprise Security

Config problem with Enterprise Security 3.0.2 on: Encounterd the following error 'localapps'

dave3131
Engager

A bit of a snag in the upgrade and install of a fresh ES 3.0.2 on Splunk 6.0.3. After the install, you have to configure the app. After you hit save you'll get:

Encountered the following error while trying to update: In handler 'localapps': Error while posting to url=\/servicesNS\/nobody\/SplunkEnterpriseSecuritySuite\/admin\/enterprise_security_suite/general_settings

0 Karma
1 Solution

dave3131
Engager

Here is how to get around it:

cd to:

~/etc/apps/SplunkEnterpriseSecuritySuite

Create a local dir and copy app.conf from default dir (at the same level) to your newly created local directory.

vi/edit the file and change is_configured to true.

Then restart splunk.

View solution in original post

0 Karma

jcoates_splunk
Splunk Employee
Splunk Employee

Hi Dave,

ES 3.0.2 hasn't been released, are you sure about that version number?

0 Karma

dave3131
Engager

Here is how to get around it:

cd to:

~/etc/apps/SplunkEnterpriseSecuritySuite

Create a local dir and copy app.conf from default dir (at the same level) to your newly created local directory.

vi/edit the file and change is_configured to true.

Then restart splunk.

0 Karma
Get Updates on the Splunk Community!

Splunk Education - Fast Start Program!

Welcome to Splunk Education! Splunk training programs are designed to enable you to get started quickly and ...

Five Subtly Different Ways of Adding Manual Instrumentation in Java

You can find the code of this example on GitHub here. Please feel free to star the repository to keep in ...

New Splunk APM Enhancements Help Troubleshoot Your MySQL and NoSQL Databases Faster

Splunk Observability has two new enhancements to make it quicker and easier to troubleshoot slow or frequently ...