Last event is not pushed to Splunk until new event occurs

What happened: Last log event is not pushed to splunk What you expected to happen: Everything should be pushed to Splunk How to reproduce it (as minimally and precisely as possible): This is my filter in output.conf <filter tail.containers.var.log.containers.sb-*.log> @type concat key log timeout_label @SPLUNK stream_identity_key stream multiline_start_regexp /^\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}|^\d{4}-\d{2}-\d{2}\s\d{2}:\d{2}:\d{2}|^\d{1,3}.\d{1,3}.\d{1,3}.\d{1,3}\s-\s-/ multiline_end_regexp /\\n$/ separator "" flush_interval 2s use_first_timestamp true </filter> Anything else we need to know?:

Environment:

• Kubernetes version (use kubectl version):1.15.5
• Ruby version (use ruby --version):
• OS (e.g: cat /etc/os-release):NAME=“Red Hat Enterprise Linux Server” VERSION=“7.7 (Maipo)”
• Splunk version:7.3.3
• Others: