Hi there,
I have been looking into using the RaspberryPI (RPI) and splunk coupled with a SPAM port to monitor network traffic.
Now, I know there is only Stream and the Universal forwarder that are ported for ARM architecture.
Does this mean I have to have Splunk light/ indexer on a seperate machine - Can I get what I need out of using just the forwarder and the Stream app, or do I need the Splunk Light base too?
I've tried the documentation, my understanding is that I would have to have Splunk on a seperate machine, with RPI forwarding information to it. Is the Stream app not standalone? I would rather everything I need on the RPI alone without the need for a second machine.
Many thanks for any clarification you can provide!
↧