We are using the SPLUNK_TAIL_FILE envvar to redirect splunkd.log content to stdout.
When splunkd.log is rotated to splunkd.log.1, the handle of SPLUNK_TAIL_FILE remains with splunkd.log.1 which means that no more logs are visible.
When the log file is rotated, the handle should be released and assigned to the newly created splunkd.log
We are using the SPLUNK_TAIL_FILE envvar to redirect splunkd.log content to stdout.
When splunkd.log is rotated to splunkd.log.1, the handle of SPLUNK_TAIL_FILE remains with splunkd.log.1 which means that no more logs are visible. When the log file is rotated, the handle should be released and assigned to the newly created splunkd.log