Verifying Log Data

Check for missing log data by either:

Log Performance Statistics

The Log Performance page provides a summary view and a breakdown of log delivery failures for up to the last 30 days.

Find out which log files are missing by manually checking for gaps in the sequence number reported by each Real-Time Log Delivery software agent.
Learn more.

Key information:

Checking for Sequence Number Gaps

Use the following information when assessing whether there is a gap in the sequential number reported by each Real-Time Log Delivery software agent.

If log data uses either the JSON Array or JSON Lines log format, then you will be unable to use the JSON payload to check for sequence number gaps. This means that you will be unable to check for sequence gaps when delivering log data to your web server(s), Splunk Enterprise, Sumo Logic, Datadog, or New Relic.

Log File Example

RTLD CDN: On 12/8/2019, the log file naming convention was updated to include the profile ID for your Real-Time Log Delivery configuration.

Let's assume that your AWS S3 bucket, Azure Blob container, or Google Cloud Storage bucket contains the following log files:




In this situation, we can tell that there is missing log data. Specifically, the log entries associated with the following log file are missing: