Splunk Stream

Installation and Configuration Manual

Download manual as PDF

This documentation does not apply to the most recent version of StreamApp. Click here for the latest version.
Download topic as PDF

Dashboards

Splunk App for Stream provides pre-built dashboards that let you monitor:

  • Network interface metrics.
  • Stream Forwarder (streamfwd) process metrics.
  • Stream Stats Only mode data.
  • Stream Forwarder log data.
  • SSL Activity data.

Use these dashboards to identify spikes and trends in network activity that can indicate an issue with your network and help you analyze customer behavior.

Click on any point in a dashboard graph to drill down to the underlying Splunk search results, and perform additional search and analysis across your network and log data.

Network Metrics

The Network Metrics dashboard lets you monitor these network events:

  • Total Packets
  • Total Events
  • Bandwidth (Mbps)

To open the Network Metrics dashboard:

1. In Splunk Web, select Apps > Splunk App for Stream. This opens the Streams Config page.

2. Select Dashboards > Network Metrics. The Network Metrics dashboard appears.

StreamApp Network metrics.png

Stream Forwarder Metrics

The Stream Forwarder Metrics dashboard lets you monitor these streamfwd binary process metrics:

  • Packet Queue Size
  • SSL Session Key Count
  • TCP Session Count
  • TCP Reassembly Packet Count
  • TCP Reassembly Payload Size

To open the Stream Forwarder Metrics dashboard:

1. In Splunk Web, select Apps > Splunk App for Stream. This opens the Streams Config page.

2. Select Dashboards > Stream Forwarder Metrics. The Network Metrics dashboard appears.

StreamApp Stream Forwarder metrics.png

Stream Stats

The Stream Stats dashboard displays indexing volume and other stats for stream protocols. You can use this dashboard to view the the total amount of data that Stream captures over time for any supported protocol. The Stream Stats dashboard displays stats for protocols in both enabled or Stats Only mode.

To access the Stream Stats dashboard:

  • In the Splunk App for Stream main menu, go to Dashboards > Stream Stats.

Stream stats dashboard 2.png

Stream Forwarder Logs

The Stream Forwarder Logs dashboard let you monitor log entries in the streamfwd.log file. The dashboard provides graphs of Top Messages and Errors by Host, along with a time-based listing of log messages that can help you quickly identify issues with network activities.

To open the Stream Forwarder Logs dashboard:

1. In Splunk Web, select Apps > Splunk App for Stream. This opens the Streams Config page.

2. Select Dashboards > Stream Forwarder Logs. The Stream Forwarder Logs dashboard appears.

Stream Forwarder logs.png

PREVIOUS
Global IP Filters
  NEXT
Use streamfwd command line options

This documentation applies to the following versions of Splunk Stream: 6.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1, 6.2.0, 6.2.1, 6.2.2


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters