The Latest Support Stance (As of September 2019) is: Fix: Splunk will NOT commit to version predictability on MaxMind DBs (MMDBs). MMDBs can and most likely will change in line with version upgrades as per the Cloud Maintenance Policy: https://www.splunk.com/en_us/legal/splunk-cloud-service-maintenance-policy.html Workaround: If a customer requires version predictability, they may package the MMDB in a custom app. This app WILL be required to undergo vetting . If you wish to discuss or request this, please file a Support ticket. ... View more

Apparently this message is meaningless by itself. The error is probably a socket error. Normally a line before that one reveals the true error. ... View more

This appears to be an issue with the global export permissions on the splunk_app_for_unix taking precedence over the default navigation options of the barebones template used in your custom app: Splunk internal engineering reference = TAG-12427 Workaround: Settings/User Interface/Views Fix the Unix app permission from "Global" to "App only". Settings/User Interface/Navigation Menus Fix the Unix app permission from "Global" to "App only". Bump the server. ... View more

This (using the print/export buttons via SplunkJS) is not currently supported. Enhancement request to add support for this is: DVPL-7148 ... View more

Make sure your custom logo is in .png format. Sample Setup might look like this: Via GUI: Settings/Server Settings/Email Settings/PDF Report Settings Via CLI: ./etc/system/local/alert_actions.conf [email] mailserver = mymailserver pdf.header_left = logo pdf.header_right = none pdf.logo_path = search:/image001 pdf.html_image_rendering = 0 Put the custom image here: /opt/splunk/etc/apps/search/appserver/static/image001.png Test via Ad-Hoc Search: "index=main | head 5 | sendemail to= server= subject="Here is an email notification" message="This is an example message" sendresults=true inline=true format=raw sendpdf=true" As per: http://docs.splunk.com/Documentation/Splunk/latest/Alert/Emailnotification Errors log to: /opt/splunk/var/log/splunk/pdfgen.log Further Reading: http://docs.splunk.com/Documentation/Splunk/latest/Admin/Alertactionsconf http://docs.splunk.com/Documentation/Splunk/latest/Alert/Emailnotification https://answers.splunk.com/answers/495250/pdf-generation-with-custom-logo-failing.html?minQuestionBodyLength=80 ... View more

Cause: This appears to be a defect with the PDF generator's handling of folders. Splunk bug reference = SPL-136094 Workaround: When I put images here; /opt/splunk6.5.0/etc/apps/search/appserver/static/ Result = Working fine with my image. When I put images here; /opt/splunk6.5.0/etc/apps/search/appserver/static/myfolder Result = PDF generation breaks with error of the form; "pdfrenderer:427 - Failed to retrieve customize logo error [Errno 2] No such file or directory:" ... View more