Splunk Stream

Installation and Configuration Manual

Splunk Stream installation package overview

As of Splunk Stream version 7.3, Splunk Stream is organized as three packages that must each be downloaded and installed.

Product name Installation package name Installed file name Description
Splunk App for Stream splunk_app_stream splunk_app_stream/ When you install this package on your search heads, it provides:
  • the configuration user interface
  • container dashboards and dashboards for analysis of network events and flow data
  • filters for fine-tuning data capture
Splunk Add-on for Stream Forwarders Splunk_TA_stream Splunk_TA_stream/ You install this package on your Splunk forwarders and use it to extend the universal forwarders. You deploy it to search heads and indexers to collect local traffic. When you install a Stream forwarder on the same server as the Splunk App for Stream, you can upload PCAP data from the User Interface.
Splunk Add-on for Stream Wire Data Splunk_TA_stream_wire_data Splunk_TA_stream_wire_data/ When you install this package on your search heads it provides all the knowledge objects required at search and indexing time. In a distributed deployment the package can be deployed on search heads and indexers, and if present in your configuration, heavy forwarders.
Last modified on 03 March, 2022
About Splunk Stream   Splunk Stream on-premise deployment architecture

This documentation applies to the following versions of Splunk Stream: 8.0.1, 8.0.2, 8.1.0, 8.1.1, 8.1.3

Acrobat logo Download manual
Acrobat logo Download this page

Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters