Hello,
I want to deploy Splunk for my system but i don`t know what version of Windows is the best running together with Splunk. Can anybody give me an advice ? Because i had been using trial version of Splunk on Windows 7 64 bit, i got a problem when adding data input instructed in user tutorial, but it run well in Window 2003 64 bit. I prefer the newest Windows such as Windows 2008. Is it good for long time running ?
I agree with the above comments. We run Splunk indexer/searching on some reasonably spec'd Win2008 boxes. But if we had to start again we would choose Linux for better I/O performance.
To your point, I'll just add this here and disappear back into the woods: What are the pain points with deploying your Splunk architecture on Windows OS?
Win2003 server will work, but Win2008 has better performances, it is also better for long term maintenance by Microsoft.
About processor 64bit is better than 32, in particular to manage large buckets of data.
But ultimately, per experience, a Linux OS will provide better performances for Indexers or Search-heads than a Windows box.
Forwarders can be on any OS, and if you need to monitor AD/perfmon/etc... you can use a forwarders on a windows box.