Splunk Enterprise Security

Splunk Enterprise Security Sandbox - where is the sample data?

jonscheele
New Member

Hi,

I signed up for the 7-day Enterprise Security Sandbox trial.

According to the web site, there is supposed to be sample data in the instance.

However, there is nothing.

Even worse, it looks like the instance didn't even deploy properly (see messages below from Splunk). One of the messages says to contact Splunk support to re-start the instance. However, I am not (yet) a Splunk customer, so cannot open a support ticket.

How can I get a properly configured sandbox with sample data in it?

 

Thanks!

 

User 'sc_admin' triggered the 'enable' action on app 'sample_app', and the following objects required a restart: indexes11/12/2020, 2:07:56 PM
Splunk must be restarted for changes to take effect. Contact Splunk Cloud Support to complete the restart.11/12/2020, 1:28:18 PM
Health Check: Splunk server "si-i-0e1aa6ee38a60a908.prd-p-j2qgt.splunkcloud.com" does not meet the recommended minimum system requirements. Learn more.11/12/2020, 3:25:53 AM
The search "Access - Geographically Improbable Access - Summary Gen" is related to the correlation search "Access - Geographically Improbable Access Detected - Rule" but it is not enabled even though the correlation search is; this will cause the correlation to fail11/12/2020, 3:20:00 AM
The search "Access - Geographically Improbable Access - Summary Gen" is related to the correlation search "Access - Geographically Improbable Access Detected - Rule" but it is not enabled even though the correlation search is; this will cause the correlation to fail11/11/2020, 3:20:00 AM
The search "Access - Geographically Improbable Access - Summary Gen" is related to the correlation search "Access - Geographically Improbable Access Detected - Rule" but it is not enabled even though the correlation search is; this will cause the correlation to fail11/10/2020, 3:20:00 AM
The search "Access - Geographically Improbable Access - Summary Gen" is related to the correlation search "Access - Geographically Improbable Access Detected - Rule" but it is not enabled even though the correlation search is; this will cause the correlation to fail11/9/2020, 3:20:00 AM

 

Labels (1)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

Try phoning them at (1-855) SPLUNK-S or (1-855) 775-8657

---
If this reply helps you, Karma would be appreciated.
0 Karma

jonscheele
New Member

Thanks @richgalloway  for the suggestion. I called the number, selected the option for trial support, and was re-directed to the sales team. No-one was available at the time I called.

0 Karma
Get Updates on the Splunk Community!

Splunk Classroom Chronicles: Training Tales and Testimonials

Welcome to the "Splunk Classroom Chronicles" series, created to help curious, career-minded learners get ...

Access Tokens Page - New & Improved

Splunk Observability Cloud recently launched an improved design for the access tokens page for better ...

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

🍂 Fall into November with a fresh lineup of Community Office Hours, Tech Talks, and Webinars we’ve ...