Splunk Enterprise
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Forwarders not forwarding

dfarr
Explorer
a month ago

Hello, we are having repeated issues where forwarders stop sending logs every week or two. Its different systems at different times. These are on Windows hosts. We can go in stop, and restart the service, at which point they will begin working again. Is there anything specific we can do to alleviate this issues. My only plan now is a scheduled task to restart them every few days. 

Labels (2)
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
a month ago
There are known issues at least some 9.4.x versions UFs and HFs at least.
You could try 9.4.4 (some CVE, so if those are affecting you don't use) and 9.4.6 at least are working in our cases.
Reply

dfarr
Explorer
4 weeks ago

Ok, Thank you, WE have an upgrade coming soon in our new baseline, I'll check if it is 9.4.4 or 9.4.6.  

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk MCP & Agentic AI: Machine Data Without Limits

  Discover how the Splunk Model Context Protocol (MCP) Server can revolutionize the way your organization ...

Finding Based Detections General Availability

Overview  We’ve come a long way, folks, but here in Enterprise Security 8.4 I’m happy to announce Finding ...

Get Your Hands Dirty (and Your Shoes Comfy): The Splunk Experience

Hands-On Learning and Technical Seminars  Sometimes, you just need to see the code. For those looking for a ...