Describe the bug
This tripped an alert of mine that looks for errors with SavedSplunker in the internal logs
07-28-2022 06:01:04.168 +0000 ERROR SavedSplunker - savedsearch_id="nobody;github_app_for_splunk;generate_user_access_lookup", message="Error in 'outputlookup' command: The lookup table 'last_access_by_user' is invalid.". No actions executed
To Reproduce
Install app, and wait 24 hours for scheduled search to get triggered, and look in internal logs for failures.
Expected behavior
The app should ship with a transforms.conf entry with the lookup to generate it.
Describe the bug This tripped an alert of mine that looks for errors with SavedSplunker in the internal logs
07-28-2022 06:01:04.168 +0000 ERROR SavedSplunker - savedsearch_id="nobody;github_app_for_splunk;generate_user_access_lookup", message="Error in 'outputlookup' command: The lookup table 'last_access_by_user' is invalid.". No actions executed
To Reproduce Install app, and wait 24 hours for scheduled search to get triggered, and look in internal logs for failures.
Expected behavior The app should ship with a transforms.conf entry with the lookup to generate it.