All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk for Symantec: Why am I getting messages "The lookup table 'networkservice' does not exist. It is referenced by configuration 'cisco:..."?

jwalzerpitt
Influencer
‎12-23-2014 06:00 AM

Has anyone else seen these messages in the Splunk for Symantec app:

The lookup table 'networkservice' does not exist. It is referenced by configuration 'cisco:asa.
The lookup table 'networkservice' does not exist. It is referenced by configuration 'cisco:fwsm'.
The lookup table 'networkservice' does not exist. It is referenced by configuration 'cisco:pix'.

Trying to figure out how/where these lookup table calls are invoked so I can suppress them.

Thx

Reply

tskinnerivsec
Contributor
‎01-22-2015 11:10 AM

I'm troubleshooting the same isssue. In my case they are coming from SA-cisco-asa, but when searching through AV data, no fields in the search results should trigger the search results. I tried editing permissions, etc. I thought this was due to the fact that I'm using a limited user that only has access to the AV index and nothing else. I do not see these issues arise with an admin user that has more rights in my Splunk installation, I only witness this with a user account that is limited to the one search index.

0 Karma
Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...