Hi All,
I'm currently implementing a new installation of Splunk.
Single-Server-Scenario server that will have forwarders forwarding data into it.
I'm trying to install the Windows Infrastructure App.
I began by installing the Universal Forwarders and setting a sendtoindexer app.
Here are the configurations in the outputs.conf of the sendtoindexer app:
[tcpout]
defaultGroup = splunkindexers
[tcpout:splunkindexers]
server = splunkprod:9997
[tcpout-server://splunkprod:9997]
Nothing appears in the relevant indexes and i get the following error when i go into the Splunk system activity page:
04-20-2015 15:10:50.415 +0300 ERROR TcpOutputFd - Connection to host=192.168.XX.XXX:9997 failed
Please assist ASAP, any feedback will be helpful...
Thanks a lot!!!
Shahar
... View more