bossi6of9
Update: Started using the Splunk time-picker and made some progress. Now, I get the following: External search command 'ess' returned error code 1. Script output = "error_message=ScanError at "/opt/splunk/etc/apps/elasticsplunk-master/bin/elasticsearch/helpers/__init__.py", line...
Sorry for not getting back earlier - this is all set. Issue on my side.
Hi, Any update on this issue?
Thanks for getting back to me. When I enter that in the Kibana console, I get: { "error": { "root_cause": [ { "type": "query_shard_exception", "reason": "No mapping found for [timestamp]...
Update: I tried another search, using this: query="IPV4_DST_ADDR:1.*.*.*" and it worked. However, if I try that with query="IPV4_DST_ADDR:10.*.*.*", then it never finishes. On Tue, Jul 17, 2018 at 9:12 AM,...