I have download an eval copy of nxlog EE, and am trying to send Microsoft DNS logs to my Splunk Cloud instance. I've read thru various documentation, but am getting an error "ERROR SSL certificate verification failed: self signed certificate in certificate chain (err: 19)", which is confusing me, because I am sending this to Splunk Cloud over HEC, which should have proper cert chain, so I'm not sure where it's getting a self-signed cert from. Here is what my config file looks like (not the whole thing, just the points of interest):
AddHeader Authorization: Splunk <auth key from Splunk HEC>
Path dns_analytical => splunk_out
I could use on my local on-prem heavy forwarder but I would really like to send directly to Splunk Cloud over HEC, since it will minimize some moving parts.