Missing SSE-data_availability_latency_status.csv i...

Iris_Pi · ‎06-14-2024

When navigating to "ESS" -> "Data" -> "Data Availability", will get the following error:
>>>
Error in 'lookup' command: Could not construct lookup 'SSE-data_availability_latency_status.csv, productId'. See search.log for more details.
<<<

I can find the definition of SSE-data_availability_latency_status in "lookup" -> "lookup definitions". However, it looks the SSE-data_availability_latency_status.csv doesn't exist.
>>>
| inputlookup SSE-data_availability_latency_status.csv --> The lookup table 'SSE-data_availability_latency_status.csv' requires a .csv or KV store lookup definition.
<<<

I'm using Splunk cloud 9.1.2312.102 and ESS 3.8.0.

Thanks for your reply in advance!

deepakc · ‎06-14-2024

In the Gui > Data > Data availability - Click on the Green Base Line Search Button, that will generate the look up, you can then go back to the Data availability and it should display results.

Iris_Pi · ‎06-14-2024

Thanks much for the reply, it works now!

Missing SSE-data_availability_latency_status.csv in Splunk Security Essentials 3.8.0

other

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

Explore the Latest Educational Offerings from Splunk (November Releases)

New This Month in Splunk Observability Cloud - Metrics Usage Analytics, Enhanced K8s ...