Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk Enterprise Security Content Management blank

adidibra
Engager
‎08-05-2021 03:10 AM

Hello,

I performed a "fresh" installation of ES 4.6.1 in a search head cluster through deployer. Splunk app version is 8.0.9. 

The apps for the ES were pulled from a repository solution to deployer and then pushed to the search cluster. When I try to open the content management it is stuck in blank and the Incident Review displaying "Operation Failed, Internal Error. __enter__" error.

Is there any log file I might check and permission I need to change a this behavior is quite strange?

Thank you in advance

Labels (1)
Labels
0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎08-05-2021 05:19 AM

Splunk 8.0.9 does not support ES 4.6.1.  That's an antique version of ES.  Try an older (unsupported) version of Splunk or a newer version of ES.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply
Get Updates on the Splunk Community!

Data Preparation Made Easy: SPL2 for Edge Processor

By now, you may have heard the exciting news that Edge Processor, the easy-to-use Splunk data preparation tool ...

Introducing Edge Processor: Next Gen Data Transformation

We get it - not only can it take a lot of time, money and resources to get data into Splunk, but it also takes ...

Tips & Tricks When Using Ingest Actions

Tune in to learn about:Large scale architecture when using Ingest ActionsRegEx performance considerations ...