I am attempting to send DNS logs from pi-hole to Splunk, I have the Universal forwarder installed on the Pihole and when I attempt to start Splunk on the UF I get the following error.
I confirmed that the Splunk host is listening on TCP 5353 for that connection and can ping the host from the pi-hole.
Any ideas on what I am missing?
05-29-2019 12:40:42.231 -0400 WARN TcpOutputFd - Connect to 10.0.155.157:5353 failed. No route to host
05-29-2019 12:40:42.231 -0400 ERROR TcpOutputFd - Connection to host=10.0.155.157:5353 failed
05-29-2019 12:40:42.232 -0400 WARN TcpOutputFd - Connect to 10.0.155.157:5353 failed. No route to host
05-29-2019 12:40:42.232 -0400 ERROR TcpOutputFd - Connection to host=10.0.155.157:5353 failed
root@raspberrypi:/opt/splunkforwarder/etc/system/local# ping 10.0.155.157
PING 10.0.155.157 (10.0.155.157) 56(84) bytes of data.
64 bytes from 10.0.155.157: icmp_seq=1 ttl=64 time=0.564 ms
64 bytes from 10.0.155.157: icmp_seq=2 ttl=64 time=0.530 ms
64 bytes from 10.0.155.157: icmp_seq=3 ttl=64 time=0.532 ms