Splunk Enterprise

What does it mean when SPLUNK UI Requests tenantID when using SPL?

New Member


I write this message because i have an issue with SPLUNK UI and SPL search.

I'm a new developper and I am discovering SPLUNK UI framework.


Everyhting was fine until now. When i use raw data in the dashboard it works, but when i put a SPL as :


 search3 : {

         type: 'ds.search',

         options: {

            query: "index=\"phantom_container\" | dedup id | search severity = \"critical\" | stats count",

            queryParameters: {

             earliest: "-7d@d",

             latest: "now"

                  meta: {},




Splunk said that a TenantId is required.

I don't understand this issue.

Can you resolve it or give me a solution please ?  

Any help is welcomed

Labels (2)
0 Karma

New Member

Need help please, thank you

0 Karma

New Member


0 Karma
Get Updates on the Splunk Community!

Observability | How to Think About Instrumentation Overhead (White Paper)

Novice observability practitioners are often overly obsessed with performance. They might approach ...

Cloud Platform | Get Resiliency in the Cloud Event (Register Now!)

IDC Report: Enterprises Gain Higher Efficiency and Resiliency With Migration to Cloud  Today many enterprises ...

The Great Resilience Quest: 10th Leaderboard Update

The tenth leaderboard update (11.23-12.05) for The Great Resilience Quest is out >> As our brave ...