Intesa Splunk Pipeline

Dockerized stack:

• Splunk 9.4.2 (HEC enabled)
• Poller: reads from Splunk, chunks to JSONL in ./out
• Analyzer: scans chunks, writes reports to ./reports

Quick start:

docker compose up -d --build
# In Splunk: create index "intesa_payments"
# Seed test events (see docs/prod-setup.md)

Docs: see docs/prod-setup.md for full step-by-step and operational commands.