Hello,
We have the latest version of the Palo Alto app on Splunk 6.0.2.
The events are being sent correctly into Splunk. I can search for the various fields with the macros (pan_threat, pan_traffic,pan_url, etc) and get data.
The Overview dashboard looks to be working, but the "Top Applications" panel is showing an error of "In handler 'savedsearch': Error while dispatching search". This is the same problem as someone else posted about.
All of the other dashboards (Traffic, Threat, Content, WildFire, Console) return "No results found." for every panel.
Any pointers?
Thanks, Rob