

Splunk application for BloxOne Threat Defense - help!

New Member
Posts: 2

Hi! I am trying to get the Splunk app, https://splunkbase.splunk.com/app/3850, working in a lab. I have installed Splunk (Free version) 7.2 (also tested 7.3) on a Windows 10 machine. But my dashboard is not populated.

I have tried with curl to the API, and it works fine:

curl -k -i -H "Authorization: Token <token>" "https://csp.infoblox.com/api/dnsdata/v1/dns_event?source=category&t0=1562609321&t1=1562617900&_format=cef" -s

I have followed the instructions for the app, even reinstalled Splunk in a different version, as well as multiple restarts of the Splunk app. I have never worked with Splunk before, so I am a bit lost.


This is what the Infoblox Input config looks like:

[Screenshot: ib1.PNG]


What am I doing wrong? Any tips? The reason I want to try the dashboard is due to BloxOne doesn't have any reporting functions -- which I need, since we don't have a SIEM.

Re: Splunk application for BloxOne Threat Defense - help!

Adviser
Posts: 109

Re: Splunk application for BloxOne Threat Defense - help!

New Member
Posts: 2

Hi! No, I can't find any error messages at all.
