Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk on RPI

DanRyder
New Member
‎11-13-2016 10:32 AM

Hi there,

I have been looking into using the RaspberryPI (RPI) and splunk coupled with a SPAM port to monitor network traffic.

Now, I know there is only Stream and the Universal forwarder that are ported for ARM architecture.

Does this mean I have to have Splunk light/ indexer on a seperate machine - Can I get what I need out of using just the forwarder and the Stream app, or do I need the Splunk Light base too?

I've tried the documentation, my understanding is that I would have to have Splunk on a seperate machine, with RPI forwarding information to it. Is the Stream app not standalone? I would rather everything I need on the RPI alone without the need for a second machine.

Many thanks for any clarification you can provide!

0 Karma
Reply

dcavuto_splunk
Splunk Employee
Splunk Employee
‎11-15-2016 05:22 PM

There is a limited distribution of the Independent Stream Forwarder available until Dec 1. Please contact your Technical Sales team to arrange for a time-limited test of this software.

0 Karma
Reply

ddrillic
Ultra Champion
‎11-13-2016 12:17 PM

The following speaks about it - Splunk Stream on a Raspberry Pi? YES!

It shows -

alt text

You said -

-- I've tried the documentation, my understanding is that I would have to have Splunk on a seperate machine, with RPI forwarding information to it. Is the Stream app not standalone? I would rather everything I need on the RPI alone without the need for a second machine.

So, as you said, the preferred way is to have Splunk on a separate machine and the forwarder and the App for Stream on the Raspberry Pi machine.

Preview file
104 KB
0 Karma
Reply
Get Updates on the Splunk Community!

Cisco Catalyst Center Meets Splunk ITSI: From 'Payments Are Down' to Root Cause in ...

The Problem: When Networks and Services Don't Talk Payment systems fail at a retail location. Customers are ...

Print, Leak, Repeat: UEBA Insider Threats You Can't Ignore

Are you ready to uncover the threats hiding in plain sight? Join us for "Print, Leak, Repeat: UEBA Insider ...

New Year, New Changes for Splunk Certifications

As we embrace a new year, we’re making a small but important update to the Splunk Certification ...