Knowledge Management
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to confirm if Netflow or other data is being collected under the app:"splunk_app_stream"

nathant089
New Member
‎12-04-2019 08:43 PM

On my Splunk Cloud instance, there is an app called: "splunk_app_stream" that is currently disabled under the 'App' settings.

Before I go uninstalling this app, I would like to know if there is a way to confirm if Splunk is ingesting data for that app before uninstalling it (even though it's disabled)?

Labels (1)
Labels
0 Karma
Reply

uagrawal_splunk
Splunk Employee
Splunk Employee
‎12-04-2019 11:35 PM

1) Navigate to Stream App -> Admin Dashboards -> Stream Forwarder Status dashboard. Check the status of the Stream forwarder. Also, check the Total events dashboard. From there you can identify whether stream app is indexing data or not.
2) In the Search bar, run this query sourcetype= stream:*. If search query returns no result, then Stream App is not indexing any data into Splunk.

0 Karma
Reply
Get Updates on the Splunk Community!

Dashboard Studio Challenge - Learn New Tricks, Showcase Your Skills, and Win Prizes!

Reimagine what you can do with your dashboards. Dashboard Studio is Splunk’s newest dashboard builder to ...

Introducing Edge Processor: Next Gen Data Transformation

We get it - not only can it take a lot of time, money and resources to get data into Splunk, but it also takes ...

Take the 2021 Splunk Career Survey for $50 in Amazon Cash

Help us learn about how Splunk has impacted your career by taking the 2021 Splunk Career Survey. Last year’s ...