Is anyone running Splunk for Stream? If so, what use case are you trying to accomplish and/or how is it implemented?
Thanks
Is anyone able to get the Splunk Stream Examples app to work? I see sourcetype=exec logs from the client Python script, but the server Python script looks to be just bootstrapping over and over. I see no stream data.
Thanks
I was able to get Splunk App for Stream to work by following the tips in this thread: http://answers.splunk.com/answers/150534/splunk-app-for-stream-installation-missing-directories-wire...
My plan is to be able to sniff network traffic directly from a network TAP.
I posted a question about this in this thread:
http://answers.splunk.com/answers/151001/how-to-install-and-configure-splunk-app-for-stream-with-a-n...
I hope this helps. Enjoy!
There is also an update for the Stream App, 6.0.1.
Are you able to get application data, or just metadata from the connections, i.e. protocol, port, etc.?
Bump. Any info would be appreciated. ^^^
I have the app installed on a dev Ubuntu box. It is logging metadata about TCP/UDP connections. Is Stream supposed to supply application-specific data as well? I read that it is able to understand HTTP, SQL, DNS, etc. I was expecting to see more application data for those protocols, but I don't.
I also installed the Stream examples app. It has some searches I would like to review, but no data is being returned. I see some Python scripts trying to generate data, but nothing is showing up as stream data or displaying in the Stream examples app.
Thanks