I'm a very novice Spluker and have only really upgraded it once and installed it a couple times on our servers to update it. Right now I just installed a new Splunk instance on Server 2019 and am about to migrate our existing Splunk 2012 server over to it. I have already migrated just the warm buckets over to the new server in the cold location. I can search that data, and that's good.
I confirmed the Splunk service is running on the server.
I can ping the server from the network device, and I can ping the network device from the server. There are no Firewalls in place between the device and server and the Windows Server 2019 FW is turned off.
I checked the Windows File structure in the actual VM and it hasn't created a hot bucket yet, so if it's getting the data, it's not
I also installed a Kiwi Syslog server on my desktop and put my IP in the network device and sure enough it's sending data.
I'm not really sure what else to try, so any help or things to check would be appreciated.