Splunk on RPI

DanRyder · ‎11-13-2016

Hi there,

I have been looking into using the RaspberryPI (RPI) and splunk coupled with a SPAM port to monitor network traffic.

Now, I know there is only Stream and the Universal forwarder that are ported for ARM architecture.

Does this mean I have to have Splunk light/ indexer on a seperate machine - Can I get what I need out of using just the forwarder and the Stream app, or do I need the Splunk Light base too?

I've tried the documentation, my understanding is that I would have to have Splunk on a seperate machine, with RPI forwarding information to it. Is the Stream app not standalone? I would rather everything I need on the RPI alone without the need for a second machine.

Many thanks for any clarification you can provide!

dcavuto_splunk · ‎11-15-2016

There is a limited distribution of the Independent Stream Forwarder available until Dec 1. Please contact your Technical Sales team to arrange for a time-limited test of this software.

ddrillic · ‎11-13-2016

The following speaks about it - Splunk Stream on a Raspberry Pi? YES!

It shows -

You said -

-- I've tried the documentation, my understanding is that I would have to have Splunk on a seperate machine, with RPI forwarding information to it. Is the Stream app not standalone? I would rather everything I need on the RPI alone without the need for a second machine.

So, as you said, the preferred way is to have Splunk on a separate machine and the forwarder and the App for Stream on the Raspberry Pi machine.

Splunk on RPI

Everything Community at .conf24!

Index This | I’m short for "configuration file.” What am I?

New Articles from Academic Learning Partners, Help Expand Lantern’s Use Case Library, ...