Splunk Stream

Installation and Configuration Manual

Download manual as PDF

This documentation does not apply to the most recent version of StreamApp. Click here for the latest version.
Download topic as PDF

Dashboards

Splunk App for Stream provides pre-built dashboards that let you monitor:

  • Network interface metrics.
  • Stream Forwarder (streamfwd) process metrics.
  • Stream Stats Only mode.
  • Stream Forwarder log data.
  • SSL Activity.

Use these dashboards to identify spikes and trends in network activity that can indicate an issue with your network and help you analyze customer behavior.

Click on any point in a dashboard graph to drill down to the underlying Splunk search results, and perform additional search and analysis across your network and log data.

Network Metrics

The Network Metrics dashboard lets you monitor these network events:

  • Bandwidth (Mbps)
  • Active Network Flows
  • Total Packets
  • Dropped Packets

To open the Network Metrics dashboard:

1. In Splunk Web, select Apps > Splunk App for Stream. This opens the Streams Config page.

2. Select Dashboards > Network Metrics. The Network Metrics dashboard appears.

StreamApp Network metrics.png

Stream Forwarder Metrics

The Stream Forwarder Metrics dashboard lets you monitor these streamfwd binary process metrics:

  • Packet Queue Size
  • SSL Session Key Count
  • TCP Session Count
  • TCP Reassembly Packet Count
  • TCP Reassembly Payload Size

To open the Stream Forwarder Metrics dashboard:

1. In Splunk Web, select Apps > Splunk App for Stream. This opens the Streams Config page.

2. Select Dashboards > Stream Forwarder Metrics. The Network Metrics dashboard appears.

StreamApp Stream Forwarder metrics.png

Stream Stats

The Stream Stats dashboard displays index volume and traffic throughput stats for stream protocols in the Stats Only mode. You can use this dashboard to view the the total amount of data that Stream captures over time for each protocol. The Stream Stats dashboard displays stats for tcp and udp protocols by default.

To access the Stream Stats dashboard:

  • In the Splunk App for Stream main menu, go to Dashboards > Stream Stats.

Stream stats dashboard 2.png

Stream Forwarder Logs

The Stream Forwarder Logs dashboard let you monitor log entries in the streamfwd.log file. The dashboard provides graphs of Top Messages and Errors by Host, along with a time-based listing of log messages that can help you quickly identify issues with network activities.

To open the Stream Forwarder Logs dashboard:

1. In Splunk Web, select Apps > Splunk App for Stream. This opens the Streams Config page.

2. Select Dashboards > Stream Forwarder Logs. The Stream Forwarder Logs dashboard appears.

Stream Forwarder logs.png

Last modified on 16 June, 2015
PREVIOUS
Distributed Forwarder Management
  NEXT
streamfwd command line options

This documentation applies to the following versions of Splunk Stream: 6.3.0, 6.3.1, 6.3.2


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters