Are there any problems of using Vormatic for encryption on the Splunk servers? Will it affect performance, and are there any alternative methods of encryptions that Splunk suggest?
Vormetric encryption at rest is fine for Splunk. This is handles by the OS, and Splunk isnt aware of it. This is true for all encryption at REST solutions.
The only considerations here are that there is overhead required for encryption / decryption on your disks. Splunk Cloud used to use vormetric for encryption at rest service and we found around 10% to 20% overhead when compared to indexers not using vormetric. So be aware of this when sizing...
"encryption on the Splunk servers" meaning, data from forwarders to indexer encryption ah?!?! (Splunk uses SSL for encryption)
or you want to encrypt the indexed data?!?! (this is not needed)