Splunk Stream

Installation and Configuration Manual

This documentation does not apply to the most recent version of Splunk Stream. For documentation on the most recent version, go to the latest release.

About Splunk App for Stream

Splunk App for Stream captures real-time wire data from distributed infrastructures, including on-premise and remote data centers, and private, public, and hybrid clouds.

Wire data is information that passes between network elements and describes the communication between client and server devices. When combined with other types of information (such as log data and metrics), wire data captured by Splunk App for Stream can provide valuable insight into activities and behaviors taking place across your network infrastructure.

With Splunk App for Stream you can:

  • Capture, filter, index, and analyze streams of wire data from your distributed infrastructure.
  • Collect multiple wire data protocols, including HTTP, TCP, DNS, and more. See supported protocols.
  • Manage and configure network event data capture from a convenient UI.
  • Aggregate events for specific protocol attributes.
  • Create custom streams (clones) with unique filtering and aggregation rules.
  • Capture ephemeral (time-limited) streams.
  • Correlate logs, events, and metrics for comprehensive search analytics.
  • Deploy and scale rapidly and unobtrusively with no need for tagging or instrumentation.

To learn more about streams, see What is a stream?

To learn how to configure stream capture, see Use Streams Config UI.

To learn about Stream deployment architectures, see Deployment architectures.

Last modified on 29 May, 2015

This documentation applies to the following versions of Splunk Stream: 6.3.0, 6.3.1, 6.3.2

