splunkforwarder-monitor exit itself, and I got following message. I saw a similar issue reported for splunk version prior 6.1.3. But in my case, we are using version 8.1.3

[root@em21 splunkforwarder]# systemctl status splunkforwarder -l
* splunkforwarder.service - Splunk Universal Forwarder Process Monitor
Loaded: loaded (/etc/systemd/system/splunkforwarder.service; enabled; vendor preset: disabled)
Active: inactive (dead) since Wed 2022-11-02 00:11:03 UTC; 1 weeks 4 days ago
Process: 45771 ExecStop=/etc/splunk/splunkforwarder-monitor stop (code=exited, status=0/SUCCESS)
Process: 38220 ExecStart=/etc/splunk/splunkforwarder-monitor start (code=exited, status=0/SUCCESS)
Main PID: 38220 (code=exited, status=0/SUCCESS)
Memory: 6.4M
CGroup: /system.slice/splunkforwarder.service

Nov 01 23:56:51 em21 splunkforwarder-monitor[38220]: Done
Nov 01 23:56:51 em21 splunkforwarder-monitor[38220]: Checking default conf files for edits...
Nov 01 23:56:51 em21 splunkforwarder-monitor[38220]: Validating installed files against hashes from '/opt/splunkforwarder/splunkforwarder-8.1.3-63079c59e632-linux-2.6-x86_64-manifest'
Nov 01 23:56:52 em21 splunkforwarder-monitor[38220]: [ OK ]
Nov 01 23:56:52 em21 splunkforwarder-monitor[38220]: All installed files intact.
Nov 01 23:56:52 em21 splunkforwarder-monitor[38220]: Done
Nov 01 23:56:52 em21 splunkforwarder-monitor[38220]: All preliminary checks passed.
Nov 01 23:56:52 em21 splunkforwarder-monitor[38220]: Starting splunk server daemon (splunkd)...
Nov 01 23:56:52 em21 splunkforwarder-monitor[38220]: Done
Nov 02 00:11:03 em21 splunkforwarder-monitor[38220]: INFO: /opt/splunkforwarder/var/run/splunk/conf-mutator.pid is gone, which indicates that splunk existed successfully. Quiting splunkforwarder-monitor...
[root@em21 splunkforwarder]#

[root@em21 splunkforwarder]# rpm -qa | grep splunk
splunkforwarder-configure-3.7-48.noarch
splunkforwarder-8.1.3-63079c59e632.x86_64
[root@em21 splunkforwarder]#