this returns saved search owned by nobody and the user. It does not seem to filter to the user alone ... View more

If I run a query I get results, then I look over my results. Sometimes I want to filter out certain things from my results. I'd rather filter out my results and to research the index. I don't need to go back to well, I've got what I need, but I just need to filter out a little. ... View more

good luck there ... View more

found that it only works in Google Chrome. Maybe a noob problem, but I don't remember seeing that they recommend using Chrome only. ... View more

okay, so so far we found that you can get an IP & you can connect with no problems. This is good. The problem is looking less and less like it's on your end. I just did a check on that URL using another tool "wget", with the command "wget https://repo.phantom.us/phantom/4.5/base/7/x86_64/phantom_repo-4.5.7532-1.x86_64.rpm". wget will let you download resource over HTTP & HTTPS and it's a great way to troubleshoot HTTP and HTTPS. I also got a 404 error, so I don't think you are alone on this. I opened that link in my browser, but I went one directory back, so I opened "https://repo.phantom.us/phantom/4.5/base/7/x86_64/". There you can see the list of RPM files available. I don't see a file listed with the name "phantom_repo-4.5.7532-1.x86_64.rpm" so that resource is indeed missing. My recommendation at this point is to open a support ticket if you can or see if you can download an older version of Phantom. if you put in a ticket make sure to inform them that you troubleshooted and you are able to connect perfectly fine. Also inform them that the URL "https://repo.phantom.us/phantom/4.5/base/7/x86_64/" shows the file is missing sorry for putting you through all this but I think it's good to check connectivity first before looking any where else. ... View more

you can't nslookup a URL, only the hostname "epo.phantom.us". Now if you want to test the URL, which in this case is "https://repo.phantom.us/phantom/4.5/base/7/x86_64/phantom_repo-4.5.7532-1.x86_64.rpm" you'll need a different tool. Right now it sounds like you can get an IP address so Splunk knowns who to call. but splunk needs to talk to that server over HTTPS. nslookup doesn't understand HTTPS or any other protocol other than DNS, which is used to retrieve an IP using a host name. If your not too familiar with DNS I would highly recommend read up on a simple introduction. it will help you in future. Okay enough explanation, the next step is to see if we can actually talk to that server over HTTPS. Their are a number of tools that can be used to test this, but my personal favorite is nmap. see if you have nmap install using the command "nmap -V". if you get a "command not found" you'll need to install it. you can install it using this command as root "yum install nmap -y" okay, with nmap we can test ports. The protocol HTTPS run over 443 (usually). so the command "nmap -p 443 repo.phantom.us" will tell us if that port is opened. give that a try and let me know if the port state says "open". sorry for the long reply ... View more

okay, so when you're testing to see if you can resolve a hostname you need to remove the "http://" part, that's not considered part of the hostname. The hostname in this case is repo.phantom.us Try "nslookup repo.phantom.us" and let me know if you get an IP back. I did it on my laptop and got a response that the host "repo.phantom.us" is IP "54.165.15.205". you should get something similar if not the same ... View more

what's the host that you are trying to nslookup on? ... View more

It's possible that your DNS is not resolving the host name for the URL. Can you ping the host or do a nslookup on the host to see if you are able to resolve the hostname? ... View more