Hello,

I am relatively new to Splunk Enterprise and recently started with the App for Infrastructure to monitor some CentOS 7.4 servers. Via the auto-deployment script through the "Add-Data" tab I tried to deploy the collection. This failed, however, since the Splunk collectd plugin does not seem to recognize the libcurl library, which resulted in error code 6, could resolve hostname although a regular curl works (adding a sample metric through HEC). In the end I got around this by using the old method http_write plugin.

So I now have the metrics in, but it does not seem to be working natively with the infrastructure app. When opening the server in the app (it is recognized in the investigate tab), the metrics are empty in the overview sub-tab. When I click on analyze, it states the following: "You do not have permissions to access objects of user=x". The panels give the following text: "There is no data available for cpu.system. To see data on the chart, select a different time range, edit filters, or check with your administrator about user permissions."

This seems clearly like a rights issue, because the cpu.* metrics are actually there. I have, however, no clue what the Infrastructure app is expecting in terms of rights / users. As far as my knowledge goes, this is all default. I am sending the data to the default em_metrics index from the Infrastructure app with sourcetype collectd_http.

Does anybody have any idea why I get these permission messages and how I can fix this?

Best regards,
Mark