All Apps and Add-ons

Can I do continuous Packet Capture with Splunk Streams?

davidwaugh
Path Finder

Hi I have a requirement for Continous Packet Capture with Splunk Streams. For example, I want to capture all traffic on port 25 and then save it to disk, so that I can retrieve the pcap at a later date for further investigation.

I saw in the notes that its says "Packet stream capture is ephemeral" which means its for a short period of time.
Can I just confirm then, that Splunk Streams can not do a continuous capture of network traffic and save it to a pcap?

0 Karma
1 Solution

davidwaugh
Path Finder

Hi had it confirmed by our Splunk account manager, than Splunk Streams can only do packet captures for a period of time, and not continuously.

View solution in original post

0 Karma

davidwaugh
Path Finder

Hi had it confirmed by our Splunk account manager, than Splunk Streams can only do packet captures for a period of time, and not continuously.

0 Karma
Get Updates on the Splunk Community!

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

March Community Office Hours Security Series Uncovered!

Hello Splunk Community! In March, Splunk Community Office Hours spotlighted our fabulous Splunk Threat ...