I am Splunk newbie. System installed and running happily. I have an alert for some types of Splunk Errors. The last few days I have been getting massive amounts of errors associated with a specific Universal Forwarder host:
WARN HttpListener - Socket error from [ip address] while idling: Read Timeout
I don't have any clue what this means or how to diagnose/address it, so any assistance would be appreciated.
I am getting this same message in my splunkd.log on the indexers. Any idea what it means? Thanks!