Migration Issues:
The activity happened was Migration..
Migration from Standalone Splunk instance to a clustered indexer set-up of 2 indexers.
Issue:
After migration, one of the indexers keeps crashing the moment we enabled receiving on the Indexer.
Root Cause:
$SPLUNK_DB folder did not have the required permission. Only read permission was granted to the user for $SPLUNK_DB which makes it impossible for Splunk to receive and process data.
Solution:
Enable “Full control“ for the $SPLUNK_DB directory.
Note: In general, Splunk should have "full control" permission over all the directories under "C:\Program Files\Splunk\".