My app server gets restarted once a day. Sometimes, Splunk will treat individual lines as unique log entry. So what should be one log entry becomes multiple log entries. For example,

The below log should be one log but shows up as 4 log entries in Splunk.

[Date] [Time] [ERROR] message line 1
message line 2
message line 3
message line 4

Can anyone advice me on fixing this occasional issue?