About Splunk App for Stream
Splunk App for Stream captures real-time wire data from distributed infrastructures, including on-premises and remote data centers, and private, public, and hybrid clouds.
Wire data is information that passes between network elements and describes the communication between client and server devices. When combined with other types of information (such as log data and metrics), wire data captured by Splunk App for Stream can provide valuable insight into activities and behaviors taking place across your network infrastructure.
With Splunk App for Stream you can:
- Capture, filter, index, and analyze streams of wire data from your distributed infrastructure.
- Collect multiple wire data protocols, including HTTP, TCP, DNS, and more. See supported protocols.
- Manage and configure network event data capture from a convenient UI.
- Aggregate events for specific protocol attributes.
- Create custom streams (clones) with unique filtering and aggregation rules.
- Capture ephemeral (time-limited) streams.
- Correlate logs, events, and metrics for comprehensive search analytics.
- Deploy and scale rapidly and unobtrusively with no need for tagging or instrumentation.
To learn more about streams, see What is a stream?
To learn how to configure stream capture, see Use Streams Config UI.
To learn about Stream deployment architectures, see Deployment architectures.
This documentation applies to the following versions of Splunk Stream™: 6.3.0, 6.3.1, 6.3.2