Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Why is the latest event indexed 4 days ago when server logs show current data?

taylorl
Explorer
‎08-08-2014 04:31 AM

Hi,

I have an issue currently where the last event was 4 days ago. I have checked the server logs manually and I can see we have a lot that splunk can not see. I think the service accounts were changed to a new one and then back to their accounts which leads me to believe this is the cause of the issue I am facing now.

Can anyone point me in the right direction on where to look to start troubleshooting? Restarting the services has been done and I can confirm they have been put back to the original starting ones.

Cheers!

Tags (3)
Reply
1 Solution
Solved! Jump to solution
Solution

taylorl
Explorer
‎08-08-2014 04:35 AM

Actually I have just figured it out. Turns out the UNIVERSAL FORWARD service had been stopped. Restarted that and it's now working.

I should have also mentioned in my original post I had an UNIVERSAL FORWARD.

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

taylorl
Explorer
‎08-08-2014 04:35 AM

Actually I have just figured it out. Turns out the UNIVERSAL FORWARD service had been stopped. Restarted that and it's now working.

I should have also mentioned in my original post I had an UNIVERSAL FORWARD.

0 Karma
Reply
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

REGISTER NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If ...

Observability | Use Synthetic Monitoring for Website Metadata Verification

If you are on Splunk Observability Cloud, you may already have Synthetic Monitoringin your observability ...

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...