I have installed splunk on machine 1 and universal forwarder on machine 2. I can see on forwarder:

C:\Program Files\SplunkUniversalForwarder\bin>splunk list forward-server
Active forwards:
XXX.XX.XX.XXX:9997
Configured but inactive forwards:
None

however when i go and check in splunk, i don't see any forwarder details.
the C:\Program Files\Splunk\etc\system\local\inputs.conf is like below.

[default]
host = <IP of machine where splunk is installed>
[splunktcp://:9997]
disabled = 0

The outputs.conf on forwarder is like below

[tcpout]
defaultGroup = default-autolb-group
[tcpout:default-autolb-group]
server = <receiverIP>:9997
[tcpout-server://<receiverip>:9997]

I checked in splunkd logs in forwarder, there is no error corresponding to tcpout.
I am able to telnet on 9997 port from forwarder to receiver

Please advise.