SIEM agent is no longer forwarding events to Splunk

When running the SIEM agent command with the -d to output to a debug log, it shows the error Too Many Values

If there is too much data for the SIEM agent to download, it will result in the error. 

The SIEM agent creates 2 files to mark where it left off last.  export_log.lock and last_job.status.  If those files are removed, or if too much time has passed since the SIEM agent last ran, it could result in too many events to download

Run the SIEM command with a  - -start_date parameter to limit the amount of data being pulled from CloudSOC. Once this runs successfully, the start date can be increased to include more data, or the --start_date parameter can be removed completely.