Retrieve logs from Splunk

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Retrieve logs from Splunk

L0 Member

Hello team,

 

I´ve just started with expedition and I´m working on trying to get logs from Splunk. Whenever I run a query i´m getting the following errors in the task manager log and the file/info is never retrieved. 

I´m on version 1.2.64 BP3.33.0

 

Tue, 11 Jul 2023 09:51:27 +0200 Start Task
Action: Request
Traffic Log from Splunk:
Target: XXXXXXXXX
Date: 2023-07-09

Notice: Trying to get property of non-object in /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/Devices/Splunk/RetrieveFromSplunk.php on line 323

Notice: Trying to get property of non-object in /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/Devices/Splunk/RetrieveFromSplunk.php on line 324

Notice: Trying to get property of non-object in /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/Devices/Splunk/RetrieveFromSplunk.php on line 325

Notice: Trying to get property of non-object in /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/Devices/Splunk/RetrieveFromSplunk.php on line 326

Notice: Trying to get property of non-object in /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/Devices/Splunk/RetrieveFromSplunk.php on line 327

Notice: Trying to get property of non-object in /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/Devices/Splunk/RetrieveFromSplunk.php on line 328

Notice: Trying to get property of non-object in /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/Devices/Splunk/RetrieveFromSplunk.php on line 329

Notice: Trying to get property of non-object in /var/www/html/console/messaging/classes/PaloAltoNetworks/Processes/Devices/Splunk/RetrieveFromSplunk.php on line 333
The xml:

Tue, 11 Jul 2023 09:51:27 +0200 End Task

 

Thank you.

2 REPLIES 2

L4 Transporter

Hi @Gonza 

 

Thanks for reaching out.

 

Please could you send an email to fwmigrate@paloaltonetworks.com including an screenshoot of the window where you prepare the splunk queries and execute them?

Please make sure that the screenshot contains all the "list of requested traffic logs". 

 

Thanks in advance,

 

David

L0 Member

Hi @dpuigdomenec 

Info sent.

 

Thanks in advance for the help.

  • 662 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!