I have a complex system which sometimes needs to be debugged or troubleshooted by using verbose trace logs. the challenges in my scenario are:
what would be a good topology in this case?
This can be one way of dealing with this; i must admit, you seem quite limited in resources but:
If it is possible to have an extra box dedicated to splunk in the remote location, then you can install splunk as an indexer (at this remote location), collect the remote logs into this indexer and then allow the main splunk indexer to search the remote one, (basically adding search peers).
This can be one way of dealing with this; i must admit, you seem quite limited in resources but:
If it is possible to have an extra box dedicated to splunk in the remote location, then you can install splunk as an indexer (at this remote location), collect the remote logs into this indexer and then allow the main splunk indexer to search the remote one, (basically adding search peers).
I'm thinking splunk isn't built to handle debug level logging