We have below stanza in /opt/splunk/etc/splunk-launch.conf file of the heavy forwarder to avoid any security risks. This means the heavy forwarder is bind to localhost only.
However, we want to receive the data on this heavy forwarder from a specific machine using the HTTP event collector app.
Is there any way to receive the events without removing this stanza? Has anyone else faced a similar situation?