Installation
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk Arm64 download

unixmit
Engager
‎10-04-2017 05:12 AM

In the requirements for Splunk Enterprise it says that there is a download for Arm64 but it not supported. I can’t find the download though. Anyone know where I can get it?

Thanks.

Tags (1)
Reply

ericg_splunk
Splunk Employee
Splunk Employee
‎04-04-2020 07:29 AM

Please vote for Splunk ARMv8-64 UF here: https://ideas.splunk.com/ideas/APPSID-I-35

0 Karma
Reply

ericg_splunk
Splunk Employee
Splunk Employee
‎04-04-2020 07:23 AM

I was able to get the ARMv6, 32-bit Splunk Universal Forwarder to work on a "Raspberry Pi 4" running Ubuntu (19.10 (Eoan Ermine)) using these steps:

  1. dpkg --add-architecture armhf
  2. apt-get update
  3. apt-get install libc6:armhf
  4. libstdc++6:armhf
  5. cd /lib
  6. ln -s arm-linux-gnueabihf/ld-2.30.so ld-linux.so.3

Output from "uname -a": Linux ubuntu 5.3.0-1014-raspi2 #16-Ubuntu SMP Tue Nov 26 11:18:23 UTC 2019 aarch64 aarch64 aarch64 GNU/Linux

/opt/splunkforwarder/bin/splunk start

Splunk> Map. Reduce. Recycle.

Checking prerequisites...
Checking mgmt port [8089]: open
Checking conf files for problems...
Done
Checking default conf files for edits...
Validating installed files against hashes from '/opt/splunkforwarder/splunkforwarder-8.0.3-a6754d8441bf-Linux-arm-manifest'
All installed files intact.
Done
All preliminary checks passed.

Starting splunk server daemon (splunkd)...
Done

0 Karma
Reply

mayurr98
Super Champion
‎01-09-2018 11:16 PM

Read this blog it may help you
https://www.splunk.com/blog/2016/02/03/splunk-stream-on-a-raspberry-pi-yes.html
https://www.splunk.com/en_us/download/universal-forwarder.html#tabs/linux

I hope this helps you!

0 Karma
Reply

splunkben
Explorer
‎01-10-2018 12:07 AM

I've seen that already. That is only for 32bit arm linux. I am looking for 64bit arm linux (aarch64) splunk universal forwarder. The splunk UF download page only has 32bit for arm. Also I am interested in monitoring log files with splunk UF - not just packet captures via a tap or HEC postings of events.

Reply

s2_splunk
Splunk Employee
Splunk Employee
‎10-04-2017 12:30 PM

Can you provide the link to the docs you reference? I am not aware of an ARM download for Splunk Enterprise, but there is one for a Universal Forwarder. Or at least there was; the relevant splunkbase page now shows that it was removed.

0 Karma
Reply

splunkben
Explorer
‎01-09-2018 09:37 PM

There is a linux splunk UF for armv6 (32 bit) available on the splunk downloads page, but nothing yet for armv8 (64 bit) linux. Any idea when that might be available?

0 Karma
Reply

lfedak_splunk
Splunk Employee
Splunk Employee
‎10-04-2017 02:03 PM

Hey @unixmit and @ssievert -- for the universal forwarder ARMv6 you can get it by going to the Linux options of the universal forwarder download page (from the menu at the bottom of the splunk.com website in the footer menu), or by clicking this link: https://www.splunk.com/en_us/download/universal-forwarder.html#tabs/linux I'm not sure what the Splunk Enterprise download is but as @ssievert said please provide the link so we or others can help you.

0 Karma
Reply

splunkben
Explorer
‎01-09-2018 09:39 PM

As you noted - there is 32bit splunk UF available for linux - but that doesn't work on armv8 linux.

0 Karma
Reply
Get Updates on the Splunk Community!

Holistic Visibility and Effective Alerting Across IT and OT Assets

Instead of effective and unified solutions, they’re left with tool fatigue, disjointed alerts and siloed ...

SOC Modernization: How Automation and Splunk SOAR are Shaping the Next-Gen Security ...

Security automation is no longer a luxury but a necessity. Join us to learn how Splunk ES and SOAR empower ...

Ask It, Fix It: Faster Investigations with AI Assistant in Observability Cloud

  Join us in this Tech Talk and learn about the recently launched AI Assistant in Observability Cloud. With ...
Top