This is in every panel on the dashboard - "Error in 'SearchParser': The search specifies a macro 'fgt_logs' that cannot be found. Reasons include: the macro name is misspelled, you do not have "read" permission for the macro, or the macro has not been shared with this application. Click Settings, Advanced search, Search Macros to view macro information. "
In "Advanced search"-"search macro" I have only `"_ftnt_dropdown(2)"`
tstats summariesonly=true count FROM datamodel="ftnt_fos" WHERE nodename="$node$" groupby $field$ | rename $field$ as field | eval field_with_count = field . " (" . count . ")"
When I search data in Splunk-search I saw every log from fortigate.
Help me with this problem. What can I do?
↧