I'll be entirely honest.
The Splunk app for UNIX is really badly broken. The list of issues with this app is far too long to even start to discuss here. In general this app is not usable by the casual user. It's far too heavy on all parts of Splunk, from the browser to the indexer and search head.
The TA is pretty good. It gathers data fairly well. My recommendation is to install the TA and then build your own dashboards from the data. There are a few issues with the TA, as it tends to toss data out. For example, the cpu.sh provides good data, but for some reason only the averages across all CPUs are reported. There are other areas of lost data, but nothing too serious.
Search is your friend here. Leverage the work done on inputs from the TA and just delete the actual front end app.