Best practices for getting data into Splunk remotely

will the input method queue or retry? Solution:

• Splunk Forwarders is the advised solution.
• Forwarders will send a heartbeat to the Indexer on a configurable interval, defaults to 30 seconds. It Forwarder loses its connection it will try to reconnect until told to stop.
• Can be monitored via scheduled searches on the indexer.