×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
charlesguo_2
Engager
Member since: ‎03-04-2016
‎06-05-2020
Community Statistics
Posts 5
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎03-04-2016
Activity Feed
View All

Re: Why does the Palo Alto Networks App for Splunk...

by in All Apps and Add-ons
‎04-25-2016 03:47 PM
‎04-25-2016 03:47 PM
It turns out that our Palo Alto Addon is not installed properly (still don't know why). We installed the Addon by hand and it works now. ... View more

Why does the Palo Alto Networks App for Splunk sho...

by in All Apps and Add-ons
‎04-22-2016 09:58 AM
‎04-22-2016 09:58 AM
We are able to see data coming into the Splunk instance by checking index="pan_logs" , but there is nothing showing in the Palo Alto Networks App for Splunk. I tried to edit the panel and here is one of the sample search, which is not getting any data: `pan_logs` | fillnull value="" | stats count by host sourcetype log_subtype action category | stats dc(host) However, I am getting data using this search: `pan_logs` | fillnull value="" | stats count by host sourcetype | stats dc(host) I didn't see log_subtype, action, and category from the All Fields, and I assume that is the problem. Does anyone know why it is not working? ... View more

Re: How to troubleshoot why I received an alert sa...

by in Getting Data In
‎03-06-2016 05:19 PM
‎03-06-2016 05:19 PM
A server reboot solved the issue, still don't understand why. Thanks for the help! ... View more

Re: How to troubleshoot why I received an alert sa...

by in Getting Data In
‎03-05-2016 09:52 PM
‎03-05-2016 09:52 PM
It says it is running ok: ./splunk status splunkd is running (PID: 3001). splunk helpers are running (PIDs: 3002 3018 3089 3188 3294 17563 17713). I also test the connection and it is OK. I also didn't see obvious errors from log files. ... View more

How to troubleshoot why I received an alert saying...

by in Getting Data In
‎03-04-2016 05:35 PM
‎03-04-2016 05:35 PM
I am pretty new to Splunk. Guess what, the consultant has left and I was supposed to take care of Splunk. I got an alert saying "indexer is not reachable". I can ssh to the server, the CPU and disk are OK. What else can I check? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma given to
View All