Hi Team,
I have successfully indexed the data but it is not getting displayed in Search, don't know what has gone wrong. Its a file-upload(one time indexing) type of data input configuration and i have created a new index for that particular file and a new sourcetype also.
I could able to see the logs while configuring the event breaking and timestamp format, but when i am searching for that particular index and sourcetype , i couldnt able to find any logs in the search head.
Kindly help me to identify the issue.
Its seems like a strange issue as iam experiencing it in even after two times reinstallation of splunk enterprise in my linux testing server.
Note: iam not experiencing this issue in any of the another linux server.
... View more