Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why is logging on splunk cloud lagging behind logging on splunk enterprise on prem instance for few minutes?

Pavan0604
Loves-to-Learn
‎09-19-2022 10:53 AM

Initially we were using splunk enterprise to log our real time logs. But few days before we have moved onto splunk cloud for logging.

And also have migrated all the alerts and dashboards from splunk enterprise to splunk cloud.

Now we are observing that there is a lag in logs sent to splunk cloud.

As logs are getting delayed for few minutes on splunk cloud compared to splunk enterprise. Need to understand what's the reason can someone please guide

Labels (1)
Labels
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎10-04-2022 04:21 AM

Hi

what you are meaning with "lagging behind logging"? _time is wrong or there are delays before log events are usable on SC or something else?

r. Ismo

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...