Splunk Stream

Release Notes

This documentation does not apply to the most recent version of Splunk Stream. For documentation on the most recent version, go to the latest release.

New features

Splunk Stream version 7.1.0 adds these new features.

New targeted packet capture
  - Supports capture of full network packets.
  - Configure packet streams based on targeted protocol fields.
  - Enables search against raw packet data.
  - Download full packets for detailed inspection and analysis of suspicious network activity.

New file extraction for metadata streams
  - Extract content files from network traffic, including email attachments, images, PDFs, etc.
  - Supports search for extracted files.
  - Download extracted files for detailed analysis.

New SQL query parsing
  - Capture SQL statement elements, including table names and SQL commands.
  - New fields added to all database protocols.
  - Use for fine-grained analysis of database activity.

New IP fragmentation and reassembly
  - Reassembles packets that are fragmented due to MTU size limits.

Enhanced protocol support
  - New IGMP transport layer (Layer 4) multicast protocol support.
  - New RTCP protocol support.
  - Adds qualitative analysis capabilities for streaming media and VoIP services.

Last modified on 31 March, 2017

This documentation applies to the following versions of Splunk Stream: 7.1.0

