This is a known issue in version 4.7.0 of the ES app. The issue is now fixed in 4.7.2 and higher.
As a workaround, you can edit:
/opt/splunk/etc/apps/DA-ESS-ThreatIntelligence/bin/configuration_checks/confcheck_failed_threat_download.py as below
Change:
job = splunk.search.dispatch(search_string, sessionKey=session_key, earliest=earliest)
To:
job = splunk.search.dispatch(search_string, sessionKey=session_key, earliest_time=earliest)
The difference on that last line is the earliest_time= setting. Once I did that, the warnings went away.
Let me know how it goes.