Why the error after restart from a windows vm that...

Splunk Enterprise

This is after a restart from a windows vm that I installed the forwarder on and I put info in the outputs.conf

this is my outputs.conf file i tried to make it the same for windows and linux

currently box 1 is linux vm and box 2 is windows vm Ihave alled traffic on 8089,9997 and so on

i can ping linux host and what I believe to be the ip of splunk.

so first question is whats that error telling me (what do I need to change)?

If my linux ifconfig comes back as 10.1.1.2

but my nslookup of httpS://dinkdonk comes back as 10.1.10.20

which am I using as the ip for forwarding ip address

like when I do this on either linux or windows that ip should be the same right ? see below

./splunk add forward-server 10.10.10.10:9997

./splunk set deploy-poll 10.10.10.10:8089

Also just making sure in this case my linux vm is my DS and search head and indexer right?

Get Updates on the Splunk Community!

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...

Why the error after restart from a windows vm that I installed the forwarder on and I put info in the outputs.conf?