AlertName : Splunk DCM: Missing forwarders
Severity Value : Critical
Value : time was not reported
Details : Missing Forwarder(s)-(OS:Linux),(Type:uf)(Ver:6.1.1),(Arch:x86_64),(GUID:52F46369-724B-451E-871B-56CAC309D3FF)
one thing i don't understand is what does "time was not reported" means? I checked with the deployment server and the server phoned back constantly. It is just one of 1000 alerts that had the same keyword "time was not reported"
Anyone had this before in the past?
Thank you
↧