Forum Discussion
OMSAgent - CEF logs are sent but not appearing in Sentinel
Hi, We are trying to forward CEF logs to Sentinel using an oms-agent instance. We have successfully onboarded the logs at first, but after about an hour, logs stopped appearing. We have turne...
I was having transient issue yesterday where I would load CEF logs and not be able to query them until 1hr later even though the ingestion_time() indicated they only took 20s to arrive. Shortly after all the logs disappeared again... it was another hour after that before I could see them all again :S.
This was the first time loading CEF logs into this account, perhaps there's some latency in the setup process for the first logs that come through 🤷‍:male_sign:
This was the first time loading CEF logs into this account, perhaps there's some latency in the setup process for the first logs that come through 🤷‍:male_sign: