Splunk Enterprise
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk on ARM Achitecture

tcha9078
Engager
‎07-31-2020 09:03 PM

Hi,

I am new to SPlunk and I have the following CPU Architecture running Debian Buster 10:

processor : 0
model name : ARMv7 Processor rev 10 (v7l)
BogoMIPS : 6.00
Features : half thumb fastmult vfp edsp neon vfpv3 tls vfpd32
CPU implementer : 0x41
CPU architecture: 7
CPU variant : 0x2
CPU part : 0xc09
CPU revision : 10

Can splunk enterprise will be able run on this system or do I have to use splunk forwarder only?

 

Labels (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

hsesterhenn_spl
Splunk Employee
Splunk Employee
‎11-14-2020 09:49 AM

Hi,

as mentioned before, only the UF is available for ARMv6 (no support).

Starting with V8.1 there is a fully supported ARMv8 UF available:

https://docs.splunk.com/Documentation/Splunk/latest/Installation/Systemrequirements

Try this as of November, 14th, 2020:

https://www.splunk.com/bin/splunk/DownloadActivityServlet?architecture=ARM&platform=linux&version=8....

If you run on Raspberry Pi you might need to install an Ubuntu (or other ARMv8, 64bit) distro because the original Raspbian Linux (Buster) is based on ARMv7 (32 bit).

A full Splunk Enterprise installation is not supported/available currently but if it's for your home environment you might search for QEMU and Splunk Enterprise... 

Please mark one of the answers as valid.

Happy splunking,

Holger

 

View solution in original post

Tags (1)
0 Karma
Reply
Solved! Jump to solution

maat
Engager
‎07-12-2023 02:21 PM

For those using Linux on Arm, you can run Splunk on a x86 container using docker:

DOCKER_DEFAULT_PLATFORM=linux/amd64 docker run --privileged -d -p 8000:8000 -e "SPLUNK_START_ARGS=--accept-license" -e "SPLUNK_PASSWORD=<password>" --name splunk splunk/splunk:latest

 

0 Karma
Reply
Solved! Jump to solution
Solution

hsesterhenn_spl
Splunk Employee
Splunk Employee
‎11-14-2020 09:49 AM

Hi,

as mentioned before, only the UF is available for ARMv6 (no support).

Starting with V8.1 there is a fully supported ARMv8 UF available:

https://docs.splunk.com/Documentation/Splunk/latest/Installation/Systemrequirements

Try this as of November, 14th, 2020:

https://www.splunk.com/bin/splunk/DownloadActivityServlet?architecture=ARM&platform=linux&version=8....

If you run on Raspberry Pi you might need to install an Ubuntu (or other ARMv8, 64bit) distro because the original Raspbian Linux (Buster) is based on ARMv7 (32 bit).

A full Splunk Enterprise installation is not supported/available currently but if it's for your home environment you might search for QEMU and Splunk Enterprise... 

Please mark one of the answers as valid.

Happy splunking,

Holger

 

Tags (1)
0 Karma
Reply
Solved! Jump to solution

niketn
Legend
‎08-02-2020 05:15 AM

Wait patiently and it may come 🙂

https://www.linkedin.com/feed/update/urn:li:activity:6691303981484011520/

@MuS 🙂

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
Reply
Solved! Jump to solution

isoutamo
SplunkTrust
SplunkTrust
‎08-02-2020 06:55 AM

Especially after Apple has changed to ARM processors later on this year...

0 Karma
Reply
Solved! Jump to solution

isoutamo
SplunkTrust
SplunkTrust
‎08-01-2020 01:50 AM

Hi

based on this https://docs.splunk.com/Documentation/Splunk/latest/Installation/Systemrequirements ARM is only supported as UF. 

r. Ismo

Reply
Solved! Jump to solution

rainmk
New Member
3 weeks ago

The ARM package is available however not publicly visible you have to request access to 
https://voc.splunk.com/preview/cmp-graviton-early-access

0 Karma
Reply
Get Updates on the Splunk Community!

Index This | When is October more than just the tenth month?

October 2025 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

What’s New & Next in Splunk SOAR

 Security teams today are dealing with more alerts, more tools, and more pressure than ever.  Join us for an ...