Screenshot - http://prntscr.com/hb80wm
1. Dashboards not show all data
2. Dat red exclamation mark show this error: command="predict", LLT instance has no attribute 'epsilon'
What i did.
I installed linux-auditd and TA_linux_auditd in $SPLUNK_HOME/etc/apps/
TA_linux_auditd I also installed in $SPLUNK_HOME/etc/deployment_apps/ for my Server Class.
↧