Hey all, I recently upgraded our Splunk server to 9.1.3. I have a single UF running 8.2 which connects, however my newly deployed 9.1.3 forwarder on server 2 (Windows Server) doesn't connect. This is net new and has never connected. I am seeing mixed info on whether or not SSL certs need to be configured on the forwarder. I see the UF talking to our Enterprise server on port 9997. I am using CA signed certs on the Slunk server and default certificates on the server which uses the UF. Can anyone point me in the right direction to get this working? The output.conf is as follows:
[tcpout]
defaultGroup=default-autolb-group
[tcpout:default-autolb-group]
server=<SPLUNK_IP_SERVER>:9997
useSSL=false
[tcpout-server://<SPLUNK_IP_SERVER>:9997]