Why am I unable to send events to a syslog server with my current heavy forwarder configuration?

Background I tried to configure sending events to a syslog server. Here is my configurations **outputs.conf** [syslog:my_syslog] server = 10.10.10.2:514 type = tcp disabled = false **transforms.conf** [send_to_syslog] REGEX = . DEST_KEY = _SYSLOG_ROUTING FORMAT = my_syslog **props.conf** [sourcetype::access_common] TRANSFORMS-route = send_to_syslog My syslog server's `syslog.conf` *.* /var/log/messages I can simulate a TCP connection on port 514 to my syslog server. However, the events are just not coming in. Any advice? Added Splunk heavy forwarder using: ` splunk enable app SplunkForwarder ` ` ./splunk add forward-server mysyslog:514 -auth admin:changeme` thanks