Hi,
We are planning to move to Nutanix in our organization. One of the application that is in the scope of this project is Splunk. We are a small environment and our Splunk data intake is around 30GB/day and the setup is mainly used as a SIEM.
We have received a few recommendation to isolate Splunk to a separate cluster. Is this necessary, or can we have it on the same cluster if we could guarantee the availability of resources for it? The cluster will host a few application and some infrastructure component like AD and DNS.
Are there any major benefits if we isolate Splunk in a different cluster?
