I am new to Splunk Cloud. Recently we have purchased Splunk Cloud for our organization and I have got the Splunk Cloud URL as provided by the Support.
Post which I have tried to ingest some logs from a server into Splunk cloud by navigating to Splunk Cloud URL->Universal Forwarder. And I have followed the exact steps as mentioned in the below URL:
https://docs.splunk.com/Documentation/SplunkCloud/7.1.3/User/ForwardDataToSplunkCloudFromWindows
I have downloaded and installed the UF in the machine. Then have downloaded the splunkclouduf.spl file and installed as mentioned. And restarted the Splunk Forwarder services but still I couldn’t able to see any internal logs for the server itself.
When I search the data for last 30 minutes as index=_internal I am getting the results for Indexers, Search Head and so on but not for the particular host which we have installed with UF.
And also when I checked the splunkd.log of the particular host I am getting these messages.
TcpOutputProc - The TCP output processor has paused the data flow. Forwarding to output group splunkcloud has been blocked for 61300 seconds. This will probably stall the data flow towards indexing and other network outputs. Review the receiving system's health in the Splunk Monitoring Console. It is probably not accepting data.
