Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Searches are returning no events in search head cluster

sathishkompelly
Explorer
‎04-24-2019 08:37 AM

Hi,

We are encountering this no results issue for any index logs in only search head cluster, but we can search the logs in non-clustered search heads. Please let us know if you found this or happenned to anyone.

Sathish

Tags (1)
0 Karma
Reply

somesoni2
Revered Legend
‎04-24-2019 08:47 AM

Does your search heads in the cluster have appropriate search peers setup?? (Settings->Distributed Search-> Search peers)

0 Karma
Reply

sathishkompelly
Explorer
‎04-24-2019 08:53 AM

yes we do have all the peers are running fine. with both the ends.

0 Karma
Reply

somesoni2
Revered Legend
‎04-24-2019 09:01 AM

Is it happening for just one index or all the indexes?? If it's just one index, then check whether your role has setup to search that index in the cluster.

0 Karma
Reply
Get Updates on the Splunk Community!

Platform Newsletter Highlights | March 2023

 March 2023 | Check out the latest and greatestIntroducing Splunk Edge Processor, simplified data ...

Enterprise Security Content Updates (ESCU) - New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 3 releases of new content via the Enterprise ...

Thought Leaders are Validating Your Hard Work and Training Rigor

As a Splunk enthusiast and member of the Splunk Community, you are one of thousands who recognize the value of ...