All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Streamfwd after upgrade to 8.1.5 doesn't parse netflow fields (bytes_in, bytes_out, packets_in, packets_out)

Kim
Explorer
‎05-28-2025 10:59 AM

Hello, colleagues.

I'm using an independent stream forwarder installed on Ubuntu 22.04.05 as a service.

After updating to 8.1.5 bytes_in, bytes_out, packets_in, packets_out are always equal to zero.

If I stop the service and change /opt/streamfwd/bin/streamfwd from 8.1.5 to 8.1.3 and start sert service again, everything is ok. 

Anybody run into this?

thanks.

{ [-]
app_tag: PANA-L7-PEN : ххххххххх
bytes_in: 0
bytes_out: 0
dest_ip: x.x.x.x
dest_port: 55438
endtime: 2025-05-28T15:01:26Z
event_name: netFlowData
exporter_ip: x.x.x.x
exporter_time: 2025-May-28 15:01:26
exporter_uptime: 3148584010
flow_end_reason: 3
flow_end_rel: 0
flow_start_rel: 0
fwd_status: 64
input_snmpidx: 168
netflow_elements: [ [+]
]
netflow_version: 9
observation_domain_id: 1
output_snmpidx: 127
packets_in: 0
packets_out: 0
protoid: 6
selector_id: 0
seqnumber: 2278842767
src_ip: x.x.x.x
src_port: 9997
timestamp: 2025-05-28T15:01:26Z
tos: 0
}

Labels (1)
Labels
0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...