Splunk Stream

User Manual

This documentation does not apply to the most recent version of Splunk Stream. For documentation on the most recent version, go to the latest release.

Admin Dashboards

Splunk App for Stream provides a set of pre-built Admin dashboards, including

  • Stream Data Volumes
  • Network Metrics
  • Stream Forwarder (streamfwd process) Metrics.
  • Stream Forwarder Logs


Use Admin dashboards to identify spikes and trends in network activity that might indicate a network issue and to analyze customer behavior. Click in any dashboard graph to drill down to Splunk search results, and perform further analysis on network, streamfwd process, and log data.

Stream Data Volumes

The Stream Data Volumes dashboard shows index volume stats for all streams in the Enabled mode. The dashboard lets you monitor these data index volume stats:

  • Total Events
  • Total Incomming Traffic (MB)
  • Total Outgoing Traffic (MB)
  • Total Traffic (MB)
  • Spunk Index Volume (MB)

To open the Stream Data Volumes dashboard:

In the Splunk App for Stream main menu, select Admin Dashboards > Stream Data Volumes.

The Stream Data Volumes dashboard appears.

Stream data volume dashboard.png

Note: To view estimates of data index volume for streams in the Estimate mode, use the Stream Estimate dashboard. For more information, see "Stream Estimate" in this manual.

Network Metrics

The Network Metrics dashboard lets you monitor these network events:

  • Bandwidth (Mbps)
  • Active Network Flows
  • Total Packets
  • Dropped Packets

To open the Network Metrics dashboard:

In the Splunk App for Stream main menu, select Admin Dashboards > Network Metrics.

The Network Metrics dashboard appears.

StreamApp Network metrics.png

Stream Forwarder Metrics

The Stream Forwarder Metrics dashboard lets you monitor these streamfwd binary process metrics:

  • Total Events
  • Event Queue Size
  • Packet Queue Size
  • SSL Session Keys
  • TCP Reassembly Packet Count
  • TCP Reassembly Payload Size
  • Event Attributes

To open the Stream Forwarder Metrics dashboard:

In the main menu, select Admin Dashboards > Stream Forwarder Metrics.

The Stream Forwarder Metrics dashboard appears.

StreamApp Stream Forwarder metrics.png

Stream Forwarder Logs

The Stream Forwarder Logs dashboard lets you monitor log entries in the streamfwd.log file, including:

  • Top Messages
  • Errors by Host

The dasbhoard also shows a time-based listing of log messages that can help you identify notable network events.

To open the Stream Forwarder Logs dashboard:

In the main menu, select Admin Dashboards > Stream Forwarder Logs.

The Stream Forwarder Logs dashboard appears.

Stream Forwarder logs.png

Last modified on 11 February, 2016
Informational Dashboards  

This documentation applies to the following versions of Splunk Stream: 6.4.0, 6.4.1, 6.4.2


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters