Archive2

Some logs were missed by splunk in search index

New Member

While using splunk, we are missing some events in search index. There is no repeated behavior of this kind but they are missing very rarely causing to create in-correct details.

We get beginning of a process logs but we are not receiving the ended process logs, so splunk is showing in-correct details about run time of some process. The same process was properly logged 99% of the time but missing 1%.

Is there a way to fix this issue?

Splunk version: 6.4.3

Tags (1)
0 Karma
Reply