How to work the PaloAlto App with ver 5.3.1 in Splunk 7.0.1

Shuhei052492
Path Finder

Hi,

I would like to know how to get "Palo Alto Networks App for Splunk" version 5.3.1 working in Splunk version 7.0.2.
I have already installed "Palo Alto Networks Add-on for Splunk" version 3.7.1.

pan_traffic and pan_threat can be searched and show the following fields.
eventtype=pan
eventtype=pan_threat
eventtype=pan_traffic

Additionally, the data models "Palo Alto Networks Firewall Logs" and "Network Traffic" have been accelerated.

But this app is not working...
I know that SplunkBase shows this version does not apply to Splunk 7.x.

Actually, I would prefer not to change this version, because the visualisations would change a lot.
Is there any way to use this app version? Or do I have to change to an app version over 6.0.x?
If someone could get this app version working fine in the same case, please let me know which settings you changed. Also, please check whether you are getting these errors.

Error message 1:
File "/opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/lib/common.py", line 182, in exit_with_error
Error message 2:
2018-02-26 13:08:01,026 +0900 ERROR common:182 - File "/opt/splunk/etc/apps/SplunkforPaloAltoNetworks/bin/retrieveWildFireReport.py", line 143, in

If you need more info to solve this issue, please let me know.
I appreciate any answers.

Best regards,

0 Karma
1 Solution

HiroshiSatoh
Champion

Although it may not be the answer ...
In my environment, the old app is running.

Shuhei052492
Path Finder

Thanks a lot!
In my environment, this app also works!

0 Karma