All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Splunk stream forwarder versions?

mux
Explorer
‎07-13-2016 08:22 AM

We are running Splunk stream 6.5.1 on Splunk Enterprise 6.4.1 but most of our forwarders are still running on 5.0.5. I am planning to upgrade them later this year but I wanted to find out if Splunk stream can run on a forwarder of that version or not, I couldn't find anything on the web about the forwarder versions for the app.

Thanks, Mark.

0 Karma
Reply

dgrubb_splunk
Splunk Employee
Splunk Employee
‎07-13-2016 08:28 AM

Stream requirements will be contained on SplunkBase or in the App documentation:

Splunkbase
https://splunkbase.splunk.com/app/1809/

Stream Documentation:

http://docs.splunk.com/Documentation/StreamApp/6.5.1/DeployStreamApp/Deploymentrequirements#Splunk_E...

Splunk Enterprise version requirements
Splunk App for Stream runs on Splunk Enterprise. Before you install Splunk App for Stream, make sure that you are running the appropriate version of Splunk Enterprise.
Splunk App for Stream version 6.4.x and 6.5.0 require Splunk Enterprise version 6.3.0 or later.
For search head clustering, Splunk App for Stream version 6.5.0 requires Splunk Enterprise version 6.3.1 or later.
Independent deployment of the stream forwarder (streamfwd) 6.5.0 binary on a search head requires Splunk Enterprise version 6.3.1 or later.

Reply

csharp_splunk
Splunk Employee
Splunk Employee
‎07-13-2016 08:27 AM

Anything that supports modular inputs should work. I wouldn't go so far as to say we officially support forwarders that old, but I am aware of at least one customer that was successful doing this some time back. In Stream 6.5.1 on Linux, you also have the option of running the stream forwarder independently of the Splunk forwarder, so that may be worth consideration as well.

http://docs.splunk.com/Documentation/StreamApp/6.5.1/DeployStreamApp/InstallStreamForwarderonindepen...

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Unlocking Unified Insights: New Gigamon Federated Search App for Splunk

In today’s data-heavy environment, organizations are caught in a data distribution dilemma. As data volumes ...

GA: New Data Management App in Splunk Platform

Streamlining Data Management: Introducing a unified experience in Splunk Managing data at scale shouldn’t feel ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...