Initially I did not enable Enterprise Security however after some time I enabled the check and restarted the Search Head.
I've been receiving a warning on Search Head i.e. "Health Check: One or more apps("TA-recordedfuture") that had previously been imported are not exporting configurations globally to system. Configuration objects not exported to System will be unavailable in Enterprise Security.
When I checked the messages which Splunk shows after restart in console, one of them was, Invalid Key in stanza [proxy] in /opt/splunk/etc/apps/TA-recordedfuture/local/recordedfuture_settings.conf line #
and when I checked that line # the content was proxy_rdns = 0.
I've enabled the proxy settings and have verified that it is working alright so I'm not clear why this warning message is being shown on Search Head Web and on restarting I get the Invalid Key in stanza message.
I'd appreciate if anyone could help me understand this situation. Thanks.