Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk Security Essentials error

erinbwest
New Member
‎11-06-2020 01:32 PM

We recently moved Splunk Security Essentials from our lab to our QA environment, but it is not working. In Lab we have admin privs, but in QA it is only power user privs and we did enable the _list settings permissions for our roles as suggested by another post. It still will not populate. Any other suggestions? Here is the error. 

 

External search command 'sseanalytics' returned error code 1. .

Labels (1)
Labels
0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎11-06-2020 01:51 PM

Check splunkd.log for more information about the cause of the error.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...

.conf24 | Personalize your .conf experience with Learning Paths!

Personalize your .conf24 Experience Learning paths allow you to level up your skill sets and dive deeper ...

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

WATCH NOWAs AI starts tackling low level alerts, it's more critical than ever to uplevel your threat hunting ...