Dashboard stopped working
I was trying to grab the source code to build my own dashboard and now the URL dash is failing. Getting this error now Search query is not fully resolved. Any help would be appreciated. I was just...
View ArticleOnly the Overview dashboard has data PAN-App v4.1.1 Splunk v6.1.1
I installed the Splunk for Palo Alto Networks app. I am getting data and my index and source types are correct. When I do searches, all the PA fields are getting extracted.However, I only the Overview...
View ArticleDashboard stopped working in Splunk for Palo Alto Networks
I was trying to grab the source code to build my own dashboard and now the URL dash is failing. Getting this error now Search query is not fully resolved. Any help would be appreciated. I was just...
View ArticleDoes app Splunk for Palo Alto Networks go on search head or indexer?
I'm getting ready to install the Splunk app for Palo Alto Networks 3.4 because we are running Splunk 5.0.5, but I have one question. Does the app go on the Search Head or the Indexer?
View ArticleHow is "Top URL Catogory" on main Palo Alto app Dashboard populated? Mine...
Hi.Recently, the "Top URL Catogory" on my main Palo Alto app Dashboard shows "and" (yes, literally the word "and") as the Top URL Category. This was not always the case but not sure when it changed....
View ArticleSplunk for Palo Alto App - Peer Splunk Indexers
We've recently started to change our splunk topology from a single search head / indexer, to search head and remote peer indexers. The PAN splunk app will stay installed on the search head, however now...
View ArticleHow is "Top URL Category" on main Palo Alto app Dashboard populated? Mine...
Hi.Recently, the "Top URL Category" on my main Palo Alto app Dashboard shows "and" (yes, literally the word "and") as the Top URL Category. This was not always the case but not sure when it changed....
View ArticleWrong timestamp in Splunk for Palo Alto Network logs
Hi,I'm sending syslog from my PAN device to splunk and it's indexed with a date stating 2010 instead of 2014.Both index server and PAN device are using Europe/Stockholm and if I tcpdump traffic it's...
View ArticleCan Splunk for Palo Alto Networks app index data on my network without WildFire?
Sorry I'm Splunk newbie. I have Palo Alto Logs into Splunk (realtime).I'm installed Splunk for Palo Alto Networks and Config without WildFire Config. Can I use this app without WildFire. ( I mean...
View ArticleWhy is Splunk for Palo Alto Networks app not displaying traffic dashboard?
Every dashboard working but Traffic dashboard.."Search is waiting for input..." Splunk 6.1 and PA app 4.1.1
View ArticleWhy Splunk App for Palo Alto Networks produces less search results than...
The Splunk App for Palo Alto does not seem to be doing distributed searching. I have an indexer/search head in 3 different regions and when I do a search using the search app on each search head for...
View ArticleSuggestions to set up Splunk for Palo Alto Networks with multiple indexers?
All,I had a request from my user community to add Palo Alto syslogs to Splunk. I found an app, "Splunk for Palo Alto Networks", (release 3.3.2), and loaded it. On our test environment, consisting of 1...
View ArticleInstalling Splunk for Palo Alto Networks
Need some assistance in installing Splunk for Palo Alto.
View ArticleWhy can I not save an exported pdf from the Splunk for Palo Alto Networks App?
When I am in the Palo Alto Networks app and use the "Export PDF" button, a new browser tab opens to display the PDF. However, I cannot save the PDF. The "Save" button seems to be non-functional. Is...
View ArticleGlobal Permission problem with another Splunk app
I have been using the Splunk for Palo Alto Networks app for quite some time now. I am running the most current version 4.1.1 on Splunk Enterprise 6.1.3. The other day, I discovered a conflict with...
View ArticleDoes Palo Alto Networks app lookup vendor_info_for_pan_config need to be set...
I have been using the Splunk for Palo Alto Networks app for quite some time now. I am running the most current version 4.1.1 on Splunk Enterprise 6.1.3. The other day, I discovered a conflict with...
View Articleinputs.conf for PAN app when collecting from syslog server
We already have the pan devices logging to our syslog-ng server. I have deployed the the following inputs.conf to the forwarder:# syslog forwarder inputs [monitor:///var/log/syslog/PaloAlto/]...
View ArticleEmpty Dashboards: How to configure inputs.conf for Splunk for Palo Alto...
We already have the pan devices logging to our syslog-ng server. I have deployed the the following inputs.conf to the forwarder:# syslog forwarder inputs [monitor:///var/log/syslog/PaloAlto/]...
View ArticleHow to blacklist an IP from being indexed for Splunk for Palo Alto Networks?
Hello,We have some PA devices in our network sending data to our master indexer over UDP:515. This data is being indexed fine, but one of our networks that's monitored is a guest network, and is...
View ArticleTraffic/Wildfire Dashboard
Palo App for Splunk all of a sudden not displaying traffic dashboard or Wildfire. All other content working.
View Article