cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
bitofrumncoke
New Member
Member since: ‎05-26-2021
‎05-26-2021
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎05-26-2021
View All

Re: Alltime-Realtime Able to See Data - Zero Data ...

by in Splunk Search
‎05-26-2021 10:24 AM
‎05-26-2021 10:24 AM
Thanks for the response! Logs are in UTC time it seems so a bit in the future but all time should show data anyway. Still, ran another search for 1 year in the future and 1 year in the past at the same time - still zero data returned with no errors.  ... View more

Alltime-Realtime Able to See Data - Zero Data for ...

by in Splunk Search
‎05-26-2021 08:48 AM
‎05-26-2021 08:48 AM
Strangest thing. I have some Infoblox logs coming in from a Syslog-NG server where we have a UF installed. UF is successfully sending the Infoblox logs to Splunk BUT, I can only see those logs when doing an alltime-realtime search but can't see them anywhere when doing a historical alltime search even when logged in as admin. I can search other logs in the same index but just comes back with "0 events" and no errors in the job - just nothing. Can't find them via sourcetype, source or host. Any ideas? I know the data is there but just can't see it on historical searches.  ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎05-26-2021 02:58 PM