This is related to Hunk Kafka integration use cases. My question is NOT on how to connect to Kafka from Splunk/Hunk UI.
My understanding is current Splunk forwarders stream data to Splunk indexer - which is $ amount eventually
But is there any Splunk forwarder that can steam data to Kafka queues and eventually to Hadoop - then through Virtual Indexer search Hadoop data in Splunk UI - is there any such Splunk forwarder?
What are the best practices in managing the data in Splunk in a cost effective way.
W.r.t to Question 1.
Currently we do not support streaming events into Kafka.
View solution in original post
In the above question last paragraph I mean "What are the best practices in managing the data in Splunk / Hunk / Hadoop setup in a cost effective way."