If you are still only seeing a waiting throbber image can you open the browser developer tools, navigate to the Network tab within that and try reloading the page. You will see a call made to read_progress endpoint in that tab. Can you provide the response of that request here? ... View more

Ignore "" at the beginning and end from **3.0.3#8.0|7.3|7.2|7.1|7.0|6.6|; ... View more

The Splunk Upgrade Readiness App contains a static list of apps on Splunkbase. This app list doesn't contain information about the newly released Splunk Security Essentials 3.0.3 App which is dual compatible. Hence you are seeing this message. As a workaround, you can update the line 133 of $SPLUNK_HOME/etc/apps/upgrade_readiness_app/bin/libs_py2/splunksupportedapps.csv as shown below: Splunk_Security_Essentials,Splunk Security Essentials,https://splunkbase.splunk.com/app/3435/,**3.0.3#8.0|7.3|7.2|7.1|7.0|6.6|;**3.0.2#8.0|7.3|7.2|7.1|7.0|6.6|;3.0.1#8.0|7.3|7.2|7.1|7.0|6.6|;3.0.0#8.0|7.3|7.2|7.1|7.0|6.6|;2.5.2#7.3|7.2|7.1|7.0|6.6|;2.5.1#7.3|7.2|7.1|7.0|6.6|;2.5.0#7.3|7.2|7.1|7.0|6.6|;2.4.2#7.3|7.2|7.1|7.0|6.6|;2.4.1#7.2|7.1|7.0|6.6|;2.4.0#7.2|7.1|7.0|6.6|;2.3.1#7.2|7.1|7.0|6.6|;2.3.0#7.2|7.1|7.0|6.6|6.5|;2.2.0#7.2|7.1|7.0|6.6|;2.1.1#7.1|7.0|6.6|6.5|;2.1.0#7.0|6.6|6.5|;2.0.0#7.0|6.6|6.5|;1.4.6#7.0|6.6|6.5|6.4|;1.4.5#6.6|6.5|6.4|;1.4.4#6.6|6.5|6.4|;1.4.3#6.6|6.5|6.4|;1.4.2#6.6|6.5|6.4|;1.4.1#6.5|6.4|;1.4.0#6.5|6.4|;1.3.2#6.5|6.4|;1.3.1#6.5|6.4|;1.3.0#6.5|6.4|;1.2.0#6.5|6.4|;1.1.1#6.5|6.4|;1.1.0#6.5|6.4|;1.0.3#6.5|6.4|;1.0.2#6.5|6.4|;1.0.1#6.5|6.4|;1.0#6.5|6.4| Once you have done this change clear the cache in your browser and rerun the scan. This time it should not scan the app as the installed app is already 8.0 compatible and the Readiness app also now has the information for this. As far as your 2nd question is concerned this app uses various standard python fixers to detect python 2 syntaxes. So a dual compatible file can still be shown as a warning in the results. But if you are sure that the file is compatible with both python versions, you can dismiss that particular file path. Dismissing would exclude this file path from future scans. Make sure that you dismiss a file path only if you are sure as this action cannot be undone. ... View more

Its working for me actually. Only sort is not working for me. ... View more

All event means ? Can you help me understand ? Just to note that as we have provided field=_raw, we will be applying that regex on entire raw event. ... View more

You can use rex command to accomplish your task. Ex. | rex field=_raw "[0-9]\d+=(?[A-Z]\w+\s+\w+)" This will extract the value in field called "myfield" Reference: https://docs.splunk.com/Documentation/Splunk/7.2.3/SearchReference/Rex, ... View more

You can try using the below regular expression. \[.*\].*?\w{3}\s+\w{3}\s+\d{1,2}\s+\d{2}\:\d{2}\:\d{2}\s\S+\s+\d{4}\:\s+(?.*) Demo: https://regex101.com/r/ze1Jxk/1 ... View more

You can try passing all the details while initializing the object for Event class. Ex. event = Event(data="{}", stanza="", time="%.3f" % time.time()) And than use ew.write_event(event) Note: You'll require to import time module. (import time) ... View more

You can also try adding earliest and latest within the search query itself. ... View more

Hi, You can try replacing line 21-24 in your code with the below contents. this._chartView = new TableView({ managerid: 'details-search-manager', count: 10, dataOverlayMode: "none", drilldown: "none", rowNumbers: "false", wrap: "true", }); This worked for me...! ... View more