https://community.splunk.com/t5/Splunk-Cloud-Platform/splunk-stream/m-p/536738#M455 <P><a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/229889">@iherb_0718</a>,</P><P>I assume you installed&nbsp;<SPAN>The Splunk App for Stream on Heavy Forwrder to manage Stream configuration on UFs.</SPAN></P><P><SPAN>You should install &nbsp;"The Splunk Add-on for Stream Forwarders (Splunk_TA_stream)" on every client that you want to collect stream data.</SPAN></P><P>&nbsp;</P><P><SPAN>If this reply helps you an upvote is appreciated.</SPAN></P> Thu, 21 Jan 2021 19:25:59 GMT scelikok 2021-01-21T19:25:59Z https://community.splunk.com/t5/Splunk-Cloud-Platform/splunk-stream/m-p/536728#M452 <P>All,</P><P>I have a few questions related to splunk stream</P><P>1) If a windows computer has splunk stream app installed and it has a UF installed, what are some differences in logging activity will I get between the two?</P><P>2) Does the splunk stream app get deployed from the deployment server just as the UF does?</P><P>3) Does splunk stream log just web traffic?</P> Thu, 21 Jan 2021 18:19:23 GMT https://community.splunk.com/t5/Splunk-Cloud-Platform/splunk-stream/m-p/536728#M452 iherb_0718 2021-01-21T18:19:23Z https://community.splunk.com/t5/Splunk-Cloud-Platform/splunk-stream/m-p/536733#M453 <P>Hi&nbsp;<a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/229889">@iherb_0718</a>,</P><P>You can find all information regarding Stream on Splunk docs below;</P><P><A href="https://docs.splunk.com/Documentation/StreamApp/7.3.0/DeployStreamApp/AboutSplunkStream" target="_blank">https://docs.splunk.com/Documentation/StreamApp/7.3.0/DeployStreamApp/AboutSplunkStream</A>&nbsp;</P><P>Answers to your questions;</P><P>1) Splunk Stream App cannot work standalone it should deployed to UF or Splunk Instance. It adds network traffic capture or PCAP ingestion capabilities to Splunk.</P><P>2) You can deploy from deployment server.</P><P>3) Supported protocols can be found in documentation. <A href="https://docs.splunk.com/Documentation/StreamApp/7.3.0/DeployStreamApp/ProtocolDetection" target="_blank">https://docs.splunk.com/Documentation/StreamApp/7.3.0/DeployStreamApp/ProtocolDetection</A> &nbsp;</P><P>If this reply helps you an upvote is appreciated.</P> Thu, 21 Jan 2021 18:58:06 GMT https://community.splunk.com/t5/Splunk-Cloud-Platform/splunk-stream/m-p/536733#M453 scelikok 2021-01-21T18:58:06Z https://community.splunk.com/t5/Splunk-Cloud-Platform/splunk-stream/m-p/536735#M454 <P>Scelikok, assume I have all the work for splunk stream done on the splunk side.&nbsp; That is I got the splunk stream app deployed to the heavy forwarder.&nbsp; This would still require an app on the client side?&nbsp; The client already has a UF.&nbsp; It wouldn't be just tweaking the UF conf files to get stream?</P> Thu, 21 Jan 2021 19:16:05 GMT https://community.splunk.com/t5/Splunk-Cloud-Platform/splunk-stream/m-p/536735#M454 iherb_0718 2021-01-21T19:16:05Z https://community.splunk.com/t5/Splunk-Cloud-Platform/splunk-stream/m-p/536738#M455 <P><a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/229889">@iherb_0718</a>,</P><P>I assume you installed&nbsp;<SPAN>The Splunk App for Stream on Heavy Forwrder to manage Stream configuration on UFs.</SPAN></P><P><SPAN>You should install &nbsp;"The Splunk Add-on for Stream Forwarders (Splunk_TA_stream)" on every client that you want to collect stream data.</SPAN></P><P>&nbsp;</P><P><SPAN>If this reply helps you an upvote is appreciated.</SPAN></P> Thu, 21 Jan 2021 19:25:59 GMT https://community.splunk.com/t5/Splunk-Cloud-Platform/splunk-stream/m-p/536738#M455 scelikok 2021-01-21T19:25:59Z