All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

IPFIX source type not working: No matching ipfix app found?

shinae
Observer
‎05-02-2023 07:44 PM

I'm seeing this error lines when received IPFIX messages and no data shown as well.
NetFlow (v9) seems working fine. What could be possibly wrong here?

INFO netflow_utils:228 - No matching ipfix app found, terminating the process of pulling configuration from vendor app...

= below are the version info =

Splunk Stream 8.1.0
Splunk_TA_stream_wire_data 8.1.0
Splunk_TA_stream 8.1.0
Splunk Enterprise

Version: 9.0.4 Build: de405f4a7979 Products: hadoop

 

Labels (2)
Tags (2)
0 Karma
Reply

beano501
Engager
‎06-13-2023 06:32 AM

I have a similar issue - if you discover a solution, could you please share

0 Karma
Reply

shinae
Observer
‎06-15-2023 11:40 AM

Yes, luckily we found the issue.

In our case, this behavior showing up when reserved template ID (0-255) is received. The issues had been gone when we updated the template ID 256 or larger.

 

Hope this help.

0 Karma
Reply
Get Updates on the Splunk Community!

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...

.conf24 | Personalize your .conf experience with Learning Paths!

Personalize your .conf24 Experience Learning paths allow you to level up your skill sets and dive deeper ...

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

WATCH NOWAs AI starts tackling low level alerts, it's more critical than ever to uplevel your threat hunting ...