Splunk Enterprise Security

Splunk Enterprise Security Sandbox - where is the sample data?

jonscheele
New Member

Hi,

I signed up for the 7-day Enterprise Security Sandbox trial.

According to the web site, there is supposed to be sample data in the instance.

However, there is nothing.

Even worse, it looks like the instance didn't even deploy properly (see messages below from Splunk). One of the messages says to contact Splunk support to re-start the instance. However, I am not (yet) a Splunk customer, so cannot open a support ticket.

How can I get a properly configured sandbox with sample data in it?

 

Thanks!

 

User 'sc_admin' triggered the 'enable' action on app 'sample_app', and the following objects required a restart: indexes11/12/2020, 2:07:56 PM
Splunk must be restarted for changes to take effect. Contact Splunk Cloud Support to complete the restart.11/12/2020, 1:28:18 PM
Health Check: Splunk server "si-i-0e1aa6ee38a60a908.prd-p-j2qgt.splunkcloud.com" does not meet the recommended minimum system requirements. Learn more.11/12/2020, 3:25:53 AM
The search "Access - Geographically Improbable Access - Summary Gen" is related to the correlation search "Access - Geographically Improbable Access Detected - Rule" but it is not enabled even though the correlation search is; this will cause the correlation to fail11/12/2020, 3:20:00 AM
The search "Access - Geographically Improbable Access - Summary Gen" is related to the correlation search "Access - Geographically Improbable Access Detected - Rule" but it is not enabled even though the correlation search is; this will cause the correlation to fail11/11/2020, 3:20:00 AM
The search "Access - Geographically Improbable Access - Summary Gen" is related to the correlation search "Access - Geographically Improbable Access Detected - Rule" but it is not enabled even though the correlation search is; this will cause the correlation to fail11/10/2020, 3:20:00 AM
The search "Access - Geographically Improbable Access - Summary Gen" is related to the correlation search "Access - Geographically Improbable Access Detected - Rule" but it is not enabled even though the correlation search is; this will cause the correlation to fail11/9/2020, 3:20:00 AM

 

Labels (1)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

Try phoning them at (1-855) SPLUNK-S or (1-855) 775-8657

---
If this reply helps you, Karma would be appreciated.
0 Karma

jonscheele
New Member

Thanks @richgalloway  for the suggestion. I called the number, selected the option for trial support, and was re-directed to the sales team. No-one was available at the time I called.

0 Karma
Get Updates on the Splunk Community!

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

As of Splunk Cloud Platform 9.3.2408 and Splunk Enterprise 9.4, classic dashboard export features are now ...