UDP listening is not working on one of my UF's. Have PCAPs confirming the events are successfully making it from the expected source to the system with the UF installed on it. So it is not the sending device and the local firewall on the UF system. Below is the error showing in splunkd log:
12-06-2019 18:02:26.913 +0100 ERROR UDPInputProcessor - Error binding to socket in UDPInputProcessor: The operation completed successfully.
Maybe the account the Splunk Universal Forwarder service is running as does not have the right privileges on the system???
Device owner had another application syslog application running and receiving the events. did not communicate this to me until later. configured Splunk to read log files written by their syslog tool. Communication is key!