Hi - having issues with a Windows UF we are having to restart circa weekly to clear the issue below which happens at random times (the parsingQueue error being the first in the chain); the TcpOutProc errors continue until the UF is restarted. The amount of data being sent [hourly, on the hour] is very small. Is this issue with the Forwarder or with the remote Splunk indexer, the forwarder seems to work OK at all other times ? NB : 'Phone Home' msgs removed. I can't see this exact scenario in other related Splunk Qs. MANY THANKS!!
"05-14-2020 14:45:37.371 +0100 WARN TcpOutputProc - The TCP output processor has paused the data flow. Forwarding to output group default-autolb-group has been blocked for 300 seconds. This will probably stall the data flow towards indexing and other network outputs. Review the receiving system's health in the Splunk Monitoring Console. It is probably not accepting data
"05-14-2020 14:43:57.048 +0100 WARN TcpOutputProc - The TCP output processor has paused the data flow. Forwarding to output group default-autolb-group has been blocked for 200 seconds. This will probably stall the data flow towards indexing and other network outputs. Review the receiving system's health in the Splunk Monitoring Console. It is probably not accepting data"05-14-2020 14:43:40.009 "05-14-2020 14:43:22.638 +0100 WARN TailReader - Could not send data to output queue (parsingQueue), retrying...","2020-05-14T14:43:22.638+0100",PRDU0000001,"_internal",1,"C:\Program Files\SplunkUniversalForwarder\var\log\splunk\splunkd.log",splunkd