Just installed Splunk 6.6.3 and the Palo Alto App 5.4.2 on Windows server 2016. I'm facing an issue with real-time searches in the traffic-dashboard of the Palo Alto app. All relative searches like "last 15 min, last 4 hours, ..." are working fine. As soon as I choose a real-time search from the presets menu (doesn't matter which one) I get the following error on all graphs -> Error in 'tstats' command: This command is not supported in a real-time search
Any ideas?
Thanks Oliver
↧