Potential Gap in Data

Description

Detects gaps caused by the failure of the search head. If saved searches do not execute then there may be gaps in summary data.

Content Mapping

This content is not mapped to any local saved search. Add mapping


Use Case

Security Monitoring, Compliance

Category

Operations

Alert Volume

Detects gaps caused by the failure of the search head. If saved searches do not execute then there may be gaps in summary data.

SPL Difficulty

Medium

Journey

Stage 1

Data Sources

Any Splunk Logs