cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Tiny_Trex
Engager
Member since: ‎05-15-2023
‎08-22-2024
Community Statistics
Posts 5
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎05-15-2023
View All

Re: Cloud Monitoring Console - Rebuild forwarder a...

by in Splunk Cloud Platform
‎08-22-2024 11:50 AM
‎08-22-2024 11:50 AM
Hey, thanks for taking the time to reply, bwheel, but I think you might have misread my post. I stated that I was clicking the "Rebuild forwarder Assets..." button. I'm not sure what you're referring to with the "regular 'update'" you mention. I also couldn't find any mention of an "update" option in the document you linked. Maybe I'm misunderstanding what you're saying, but either way please don't spend any further time on it. I opened a support case about the fact it didn't work, and they said it was a bug and provided me with a search to update the lookup table manually. I think they might have fixed it at this point. I seem to recall using it not too long ago. ... View more

Re: Splunk Security Essential - MITRE ATT&CK Matri...

by in Splunk Search
‎08-08-2024 09:36 AM
‎08-08-2024 09:36 AM
I created a support ticket, and they confirmed that this is a bug that will be fixed in the next release of SSE. However, they could not provide a date for the update and recommended that I downgrade back to 3.7.1. I did so and that worked. I've asked that they update the "Known Issues" list with this bug info. ... View more

Re: Splunk Security Essential - MITRE ATT&CK Matri...

by in Splunk Search
‎08-07-2024 09:24 AM
‎08-07-2024 09:24 AM
I have the same issue. We use Splunk Cloud, and the permissions are fine. I did not uninstall and reinstall, as I'm not sure of the full ramifications of that. I don't know if it's related or not, but I noticed it after I installed the latest version from Splunkbase.  ... View more

Cloud Monitoring Console - Rebuild forwarder asset...

by in Splunk Cloud Platform
‎01-30-2024 02:46 PM
‎01-30-2024 02:46 PM
When going to CMC -> Forwarders -> Forwarders: deployment, I see that we have 19k+ forwarders, which is completely inaccurate. We have more like 900. It shows 18k+ as missing, and the list has instances decommissioned years ago.  I thought I could fix this by telling it to rebuild the forwarder assets via the button under VMC -> Forwarders -> Forwarder monitor setup, but when I click on this, it processes for about a minute, and then nothing changes. The description makes me think it is supposed to clear out the sim_forwarder_assets.csv lookup and rebuild it using only data it sees within the time frame I selected (24 hours). If I open up the lookup, all the entries it had previously are still there.  Am I misunderstanding how this works, or is something broken? ... View more

Palo Alto Networks App Python 3 Compatibility

by in All Apps and Add-ons
‎05-15-2023 07:39 AM
‎05-15-2023 07:39 AM
The Upgrade Readiness App tells me that version 8.0.2 of my Palo Alto Networks and Palo Alto Networks Add-On apps are incompatible with Python version 3. The Splunkbase page shows it's Splunk Cloud 9.0 compatible, so is it safe to assume this is a false positive? ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎08-22-2024 03:11 PM
Karma given to
View All