A coworker and I have authored an ingestion tool for Splunk called Ta-Volatility, https://splunkbase.splunk.com/app/3919/, that takes json formatted unified_outputs from volatility.  As it stands right now, it can handle over 160 plugins across windows, linux and mac, and we're adding more every day.  We are adding unified outputs to the standard plugins that do not have them, github PR #501.  The app will support the latest version of volatility (volatilityfoundation or mutedmouse's fork, https://github.com/mutedmouse/ta-volatility).  The app's setup page describes the required folder structure.  The source by default is "volatility" and the index is main by default, although you can set this by adding index=<yourindex> in the inputs.conf file.