About Splunk Stream

beginne_Splunk · ‎04-06-2023

I am setting up a Splunk Stream.
I am having trouble with the official instructions, which are very confusing for a beginner.

Below is the environment that has already been set up.
Server A
XAMPP
DVWA
UF(ver9.0.4)

Server B
Splunk(ver9.0.4)
Stream(8.1.0) → to be installed

I would like to deploy Stream on server B to analyze DVWA logs sent from UF on server A. Can someone please itemize and explain the necessary steps?
I know this is a rudimentary question, but please help.

richgalloway · ‎04-07-2023

There seems to be a misunderstand about what Splunk Stream does. Stream collects network data and forwards it to Splunk Enterprise or Splunk Cloud. Stream does not analyze logs.

If you can use a UF to send logs to Splunk then you don't need Stream.

---
If this reply helps you, Karma would be appreciated.

beginne_Splunk · ‎04-09-2023

Thanks for the answer.
Can you tell me what I need to do to collect network data with Stream and transfer it to Splunk Enterprise?
I would like to visualize Wire Data using Stream.

richgalloway · ‎04-10-2023

Stream has changed a bit since I last used it. You can find installation instructions starting at https://docs.splunk.com/Documentation/StreamApp/8.1.0/DeployStreamApp/Streampackages

---
If this reply helps you, Karma would be appreciated.

About Splunk Stream

configuration

installation

Fueling your curiosity with new Splunk ILT and eLearning courses

Splunk AI Assistant for SPL 1.1.0 | Now Personalized to Your Environment for Greater ...

Unleash Unified Security and Observability with Splunk Cloud Platform