Why the error after restart from a windows vm that...

Splunk Enterprise

This is after a restart from a windows vm that I installed the forwarder on and I put info in the outputs.conf

this is my outputs.conf file i tried to make it the same for windows and linux

currently box 1 is linux vm and box 2 is windows vm Ihave alled traffic on 8089,9997 and so on

i can ping linux host and what I believe to be the ip of splunk.

so first question is whats that error telling me (what do I need to change)?

If my linux ifconfig comes back as 10.1.1.2

but my nslookup of httpS://dinkdonk comes back as 10.1.10.20

which am I using as the ip for forwarding ip address

like when I do this on either linux or windows that ip should be the same right ? see below

./splunk add forward-server 10.10.10.10:9997

./splunk set deploy-poll 10.10.10.10:8089

Also just making sure in this case my linux vm is my DS and search head and indexer right?

Get Updates on the Splunk Community!

You may have seen mention of the .conf Community Zone 'round these parts and found yourself wondering what ...

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious! We’re back with a Special ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Why the error after restart from a windows vm that I installed the forwarder on and I put info in the outputs.conf?