All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to get the Splunk App for Stream to capture both interfaces on my machine, not just one?

rubeniturrieta
Communicator
‎06-23-2015 02:16 PM

Hi to everyone

I have a new Splunk instance with the Splunk App for Stream with default installation. In my machine, I have two interfaces: the first, for Internet, and the second, in promiscuous mode, with the whole network traffic (I'm sure about that, I saw it in Wireshark).
However, in Splunk App for Stream, I can only see the first interface, traffic. How can I solve this?

Thanks you very much

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

vshcherbakov_sp
Splunk Employee
Splunk Employee
‎06-23-2015 02:24 PM

Hello rubeniturrieta,

you need to specify the interface you want App for Stream to capture on in etc/apps/Splunk_TA_stream/local/streamfwd.xml file. See http://docs.splunk.com/Documentation/StreamApp/6.3.0/DeployStreamApp/ConfigureStreamForwarder#Use_XM...

HTH

View solution in original post

Reply
Solved! Jump to solution
Solution

vshcherbakov_sp
Splunk Employee
Splunk Employee
‎06-23-2015 02:24 PM

Hello rubeniturrieta,

you need to specify the interface you want App for Stream to capture on in etc/apps/Splunk_TA_stream/local/streamfwd.xml file. See http://docs.splunk.com/Documentation/StreamApp/6.3.0/DeployStreamApp/ConfigureStreamForwarder#Use_XM...

HTH

Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...