Pi-hole DNS App for Splunk: Why are we getting error "no route to host" when sending logs from pi-hole to Splunk with a UF?

johnny21

I am attempting to send DNS logs from Pi-hole to Splunk. I have the Universal Forwarder installed on the Pi-hole, and when I attempt to start Splunk on the UF I get the following error.
I confirmed that the Splunk host is listening on TCP 5353 for that connection and can ping the host from the pi-hole.
Any ideas on what I am missing?

05-29-2019 12:40:42.231 -0400 WARN  TcpOutputFd - Connect to 10.0.155.157:5353 failed. No route to host
05-29-2019 12:40:42.231 -0400 ERROR TcpOutputFd - Connection to host=10.0.155.157:5353 failed
05-29-2019 12:40:42.232 -0400 WARN  TcpOutputFd - Connect to 10.0.155.157:5353 failed. No route to host
05-29-2019 12:40:42.232 -0400 ERROR TcpOutputFd - Connection to host=10.0.155.157:5353 failed

root@raspberrypi:/opt/splunkforwarder/etc/system/local# ping 10.0.155.157
PING 10.0.155.157 (10.0.155.157) 56(84) bytes of data.
64 bytes from 10.0.155.157: icmp_seq=1 ttl=64 time=0.564 ms
64 bytes from 10.0.155.157: icmp_seq=2 ttl=64 time=0.530 ms
64 bytes from 10.0.155.157: icmp_seq=3 ttl=64 time=0.532 ms

Here are the config files on my pi-hole:

inputs.conf

root@raspberrypi:/opt/splunkforwarder/etc/system/local# cat inputs.conf 
[default]
host = raspberrypi
[monitor:///var/log/pihole.log]
index = pihole
sourcetype = dnsmasq
disabled = false

outputs.conf

root@raspberrypi:/opt/splunkforwarder/etc/system/local# cat outputs.conf 
[tcpout]
defaultGroup = default-autolb-group

[tcpout:default-autolb-group]
server = 10.0.155.157:5353

[tcpout-server://10.0.155.157:5353]

props.conf

root@raspberrypi:/opt/splunkforwarder/etc/system/local# cat props.conf 
[dnsmasq]
NO_BINARY_CHECK = true
DATETIME_CONFIG = 
TIME_FORMAT = %b %d %H:%M:%S
MAX_TIMESTAMP_LOOKAHEAD = 24

johnny21

It was the host-based FW blocking the connection.
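
A successful ping only proves ICMP echo is allowed; a firewall can still reject one TCP port with an ICMP unreachable reply, which the connecting side reports as "No route to host". As an added example (not part of the original posts and not Splunk code), the Python below classifies a TcpOutputFd WARN line like the ones in the question and repeats the TCP connect from the forwarder host; the function names and the errno-to-hint table are assumptions made for illustration.

```python
import errno
import os
import re
import socket

# errno -> (verdict, next thing to check). General Linux TCP behaviour.
DIAGNOSIS = {
    0: ("open", "port accepts connections; review inputs/outputs config"),
    errno.ECONNREFUSED: ("refused", "host reachable, no listener on the port "
                         "or a firewall answering with TCP RST"),
    errno.EHOSTUNREACH: ("no-route", "if ping works, a firewall is rejecting "
                         "the port with an ICMP unreachable/prohibited reply"),
    errno.ENETUNREACH: ("no-route", "no route to that network from this host"),
    errno.ETIMEDOUT: ("timeout", "packets silently dropped, e.g. a DROP rule"),
}

# Matches the forwarder WARN line format shown in the question.
WARN_RE = re.compile(r"TcpOutputFd - Connect to (\S+):(\d+) failed\. (.+)$")


def classify(err):
    return DIAGNOSIS.get(err, ("other", errno.errorcode.get(err, str(err))))


def classify_log_line(line):
    """Return (host, port, verdict) for a TcpOutputFd WARN line, else None.
    Assumes the trailing text is the OS error string for the failed connect."""
    m = WARN_RE.search(line.strip())
    if not m:
        return None
    by_text = {os.strerror(e): e for e in DIAGNOSIS if e}
    err = by_text.get(m.group(3).strip(), -1)
    return m.group(1), int(m.group(2)), classify(err)[0]


def probe(host, port, timeout=3.0):
    """Try one TCP connect from this machine and classify the result."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify(0)
    except socket.timeout:
        return classify(errno.ETIMEDOUT)
    except OSError as exc:
        return classify(exc.errno)


if __name__ == "__main__":
    # Log line copied from the question above.
    sample = ("05-29-2019 12:40:42.231 -0400 WARN  TcpOutputFd - "
              "Connect to 10.0.155.157:5353 failed. No route to host")
    print(classify_log_line(sample))
```

Running `probe()` on the forwarder against the receiver's address and port, then again with the receiver's firewall rule in place, shows the verdict move from "no-route" to "open" once the port is allowed.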
