Platform and hardware requirements

This topic discusses the underlying requirements for running both the Splunk App and the Splunk TA for Unix and Linux.

Hardware and operating system requirements

The Splunk App for Unix and Linux installs directly onto a Splunk indexer. It can be configured either through the app's setup user interface in Splunk Web or manually via the command line. In general, it is not recommended to install the Splunk App for Unix and Linux on a universal forwarder.

The Splunk TA for Unix and Linux installs onto either an indexer or a universal forwarder. When installed on an indexer, the TA can be configured either through the app's setup user interface in Splunk Web or manually via the command line. When installed on a universal forwarder, the TA must be configured manually via the command line.

Both the full app and the TA will install on Splunk instances running on many versions of Unix, including Linux, Solaris, and AIX. However, neither the app nor the TA function on any version of HP/UX.

• For details about supported OSes for Splunk, refer to "System requirements" in the core Splunk product documentation.

Important: You cannot install both the Splunk App and the Splunk TA for Unix and Linux on the same Splunk instance. Since the TA is a subset of the full app, attempting to install both of these components on the same Splunk instance will generate an error.

What other items are required?

The Splunk App for Unix and Linux requires the sysstat package to function properly. You can download the sysstat utilities from the sysstat utilities download page or from your local package repository (depending on the version of *nix your system runs.)

What versions of Splunk are supported?

All instances of Splunk in a Splunk for Unix and Linux deployment must run version 4.3 or later.

Be sure to download the correct version for your platform; in particular, ensure that you're running the 32-bit version of Splunk on 32-bit platforms.