Why the error after restart from a windows vm that...

Splunk Enterprise

This is after a restart from a windows vm that I installed the forwarder on and I put info in the outputs.conf

this is my outputs.conf file i tried to make it the same for windows and linux

currently box 1 is linux vm and box 2 is windows vm Ihave alled traffic on 8089,9997 and so on

i can ping linux host and what I believe to be the ip of splunk.

so first question is whats that error telling me (what do I need to change)?

If my linux ifconfig comes back as 10.1.1.2

but my nslookup of httpS://dinkdonk comes back as 10.1.10.20

which am I using as the ip for forwarding ip address

like when I do this on either linux or windows that ip should be the same right ? see below

./splunk add forward-server 10.10.10.10:9997

./splunk set deploy-poll 10.10.10.10:8089

Also just making sure in this case my linux vm is my DS and search head and indexer right?

Get Updates on the Splunk Community!

🍂 Fall into November with a fresh lineup of Community Office Hours, Tech Talks, and Webinars we’ve ...

Hi Splunk Community, Splunk Platform has set a great foundation for your security operations. With the ...

Splunk, in collaboration with ESG (Enterprise Strategy Group) by TechTarget, is excited to announce a ...

Why the error after restart from a windows vm that I installed the forwarder on and I put info in the outputs.conf?