We use cookies to ensure that we give you the best experience on our website. By continuing your visit on the website, you consent to the use of the cookies. If you want to find out more about the cookies we use, you can access our Privacy Policy.
Organizations may implement the rolling of log files on a periodic basis. This could be daily, weekly or any frequency. One scenario that can happen is where Splunk does not realize that the rolled log file has new data and does not ingest as desired. It could be a file with the same name or even a separate file. This demo session is a walkthrough of how to troubleshoot ingestion issues and how to calculate and apply the necessary configuration settings to get Splunk rocking and [log] rolling again.
Discovering Splunk in 2012 was life changing for me in so many ways. Ever since, I have had an amazing action packed Splunk journey. I have been a customer at times, partner at times and a community warrior always. I started the Splunk User Group London in 2013, which I still run with fellow SplunkTrust member, Oliver Hoppe. We had had more than 1,000 unique community members attend our sessions. I have been blessed to speak at .conf on a few occasions and have been helping and assisting individuals and organizations around the world on a voluntary basis for many years. I have been a member of SplunkTrust since 2015. I am rejuvenating myself as a certified Splunk consultant this year. I am really pleased to collaborate on this exciting talk with a genuine gentleman and community champion, Suman Gajavelly.
