We have just set up Distributed search with 2 indexers and one search node. Our data source is a folder with log files. The splunkd.log show many lines with the following WatchFile - using folow tail will begin reading EOF for F:splunkindex01.... But we get No results when searching. Are we being impatient?
↧