Splunk Stream: Why are we receiving the error no d...

awaisbinimran7 · ‎03-07-2018

We've been trying to get Splunk to process sflow data. In order to do this, we came across this link and have followed the following process:
We used Netflow optimizer to receive Sflow data and generate a Syslog file. However, Netflow optimizer is not able to send syslogs to Splunk, whereas, Visual Syslog is able to receive the syslogs from Netflow optimizer.
We also tried using Splunk stream (sflow collector) to ingest the sflow data but were unable to receive the Syslog files.
For both cases, we're able to capture the sflow packets on Wireshark but are unable to get Splunk to process the data for sflow.

shirishkamat84 · ‎04-06-2018

Can you specify the way you are configuring sFlow. We have successfully integrated sFlow by point the sFlow to a universal forwarder and then collecting it. All fields are parsing as expected.

UF version - 7.0
Stream Version - 7.1.1

Splunk Stream: Why are we receiving the error no data found in sflow stream when ingesting sflow data?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Observability Simplified: Combining User Experience, Application Performance & ...

Event Series May & June: From Network Visibility to Service Intelligence

Global Splunk User Group Events: May + June 2026

Join the Conversation