Splunk Stream

Installation and Configuration Manual

Acrobat logo Download manual as PDF

This documentation does not apply to the most recent version of StreamApp. Click here for the latest version.
Acrobat logo Download topic as PDF

About Splunk App for Stream

Splunk App for Stream captures real-time wire data from distributed infrastructures, including on-premise and remote data centers, and private, public, and hybrid clouds.

Wire data is information that passes between network elements and describes the communication between client and server devices. When combined with other types of information (such as log data and metrics), wire data captured by Splunk App for Stream can provide valuable insight into activities and behaviors taking place across your network infrastructure.

With Splunk App for Stream you can:

  • Capture, filter, index, and analyze streams of wire data from your distributed infrastructure.
  • Collect multiple wire data protocols, including HTTP, TCP, DNS, and more. See supported protocols.
  • Manage and configure network event data capture from convenient UI.
  • Aggregate events for specific protocol attributes.
  • Create custom streams (clones) with unique filtering and aggregation rules.
  • Capture ephemeral (time-limited) streams.
  • Correlate logs, events, and metrics for comprehensive search analytics.
  • Deploy and scale rapidly and unobtrusively with no need for tagging or instrumentation.

To learn more about streams, see What is a stream?

To learn how to configure stream capture, see Use Streams Config UI.

To learn about Stream deployment architectures, see Deployment architectures.

Last modified on 20 November, 2014
Deployment requirements

This documentation applies to the following versions of Splunk Stream: 6.0, 6.0.1, 6.0.2, 6.1.0, 6.1.1, 6.2.0, 6.2.1, 6.2.2

Was this documentation topic helpful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters