Sequence Template/Events Bug (not working) with Sp...

plimon · ‎04-25-2019

Hello Splunk Community,

My organization has recently upgraded to Splunk ES 5.2.2. I have been trying to create a custom sequence template and test the concept. I have followed the directions outlined in this documentation link: https://docs.splunk.com/Documentation/ES/5.3.0/Admin/Sequencecorrelationsearches

My custom sequence template is enabled, sequence analysis is turned on via general settings:
However, I do not see a a "next scheduled time" applied to my template.

I have also attempted to manually force an invocation of this macro through the following:
execute_sequence_template(template_name, true)

I get 1 record result returned (which I expect). However, there is no sequence event created through the notable events page.
I also do not see any errors or warn messages within the _internal logs for my custom sequence template.
Is this a bug with version 5.2.2?

p_gurav9491 · ‎12-27-2022

Hello,

I am facing similer issue. Do you found any resolution?

p_gurav9491 · ‎12-27-2022

Hello,

I am facing similer issue. Do you found any resolution?

Sequence Template/Events Bug (not working) with Splunk ES version 5.2.2?

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

Explore the Latest Educational Offerings from Splunk (November Releases)

New This Month in Splunk Observability Cloud - Metrics Usage Analytics, Enhanced K8s ...