Splunk for Enterprise Security: Why loading the de...

tkopchak · ‎03-12-2015

Any time I load the debug/refresh endpoint, correlation searches stop running. Or, at least, they stop producing notable events. Is this expected behavior and if not, what's going on?

Splunk Enterprise 6.2.2, Splunk App for Enterprise Security 3.2.

madcitygeek · ‎03-26-2015

I don't know what is going on, but I see the same behavior on 6.1.6 and 3.1.1.

Restarting Splunk on the ESS box fixes the glitch for me.

Splunk for Enterprise Security: Why loading the debug/refresh endpoint causes correlation searches to stop producing notable events?

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!

Read the report >

Splunk for Enterprise Security: Why loading the debug/refresh endpoint causes correlation searches to stop producing notable events?

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.Find out what your skills are worth! Read the report >

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!

Read the report >