Solved: Re: Config problem with Enterprise Security 3.0.2 ...

dave3131 · ‎04-14-2014

A bit of a snag in the upgrade and install of a fresh ES 3.0.2 on Splunk 6.0.3. After the install, you have to configure the app. After you hit save you'll get:

Encountered the following error while trying to update: In handler 'localapps': Error while posting to url=\/servicesNS\/nobody\/SplunkEnterpriseSecuritySuite\/admin\/enterprise_security_suite/general_settings

dave3131 · ‎04-14-2014

Here is how to get around it:

cd to:

~/etc/apps/SplunkEnterpriseSecuritySuite

Create a local dir and copy app.conf from default dir (at the same level) to your newly created local directory.

vi/edit the file and change is_configured to true.

Then restart splunk.

View solution in original post

jcoates_splunk · ‎04-14-2014

Hi Dave,

ES 3.0.2 hasn't been released, are you sure about that version number?

dave3131 · ‎04-14-2014

Here is how to get around it:

cd to:

~/etc/apps/SplunkEnterpriseSecuritySuite

Create a local dir and copy app.conf from default dir (at the same level) to your newly created local directory.

vi/edit the file and change is_configured to true.

Then restart splunk.

Config problem with Enterprise Security 3.0.2 on: Encounterd the following error 'localapps'

Introducing the 2024 SplunkTrust!

Introducing the 2024 Splunk MVPs!

Splunk Custom Visualizations App End of Life