Is it possible to setup and use the Splunk Add-on for *Nix, and splunk_TA_Nix, without having to actually install the forwarder on the *Nix servers?
Right now, all of them are configured to just forward logs to Splunk via rsyslog configuration. This allows me to do search and reporting on logs, but I'd like to be able to leverage the built-in dashboards and reporting on the Add-on.
↧