Splunk Enterprise

Splunk Observability Cloud Splunk IT Service Intelligence Splunk Cloud Platform Splunk Enterprise Data Management Splunk Enterprise Security 8 Splunk Enterprise Security 7 Splunk SOAR Security Offerings AppDynamics SaaS About This Site Community Support Supported Add-ons

Splunk Observability Cloud Splunk IT Service Intelligence Splunk Cloud Platform Splunk Enterprise Data Management Splunk Enterprise Security 8 Splunk Enterprise Security 7 Splunk SOAR Security Offerings AppDynamics SaaS About This Site Community Support Supported Add-ons

Documentation

Splunk Enterprise

Splunk Enterprise Contents

Get Started

Administer

Search

Manage Knowledge Objects

Leverage REST APIs

Release Notes and Updates

Analytics and Insights

Create Dashboards and Reports

Alert and Respond

Apply Machine Learning

Data Sources

Get Data In

Forward and Process Data

Connect Relational Databases

Collect Stream Data

Use Splunk Stream

Common Information Model

Splunk Edge Hub

Apps for Mobile Devices

REST API Reference

SPL Search Reference

Splunk Validated Architectures

Stream Informational Dashboards

Splunk App for Stream (splunk_app_stream) provides a set of built-in informational dashboards, which give you a quick overview of activities taking place across your network. Informational dashboards include:

Analytics Overview
App Analytics
Flow Visualization
HTTP Overview
HTTP Activity
Database Activity
DNS Overview
DNS Activity
SSL Activity

Informational dashboards are populated by a set of built-in streams that come with the app. Clone built-in streams and use them as a starting point to create your own new streams in the Configure Streams UI. For more information, see Configure Streams in this manual.

Impact of new aggregation methods on dashboards

As of version 6.6.0, the Database Activity dashboard and built-in Splunk database streams, such as Splunk_Mysql and Splunk_Postgres, have been updated to use the max(time_taken) aggregate function to generate max query time statistics. As a result, the Database Activity dashboard in version 6.6.0 and later is not compatible with data generated by earlier versions of streamfwd.

All other dashboards have been updated for the new aggregation methods introduced in version 6.6.0 and are compatible with data generated by both old and new versions of streamfwd. For more information, see Stream aggregation methods in this manual.

Analytics Overview

Analytics overview.png

App Analytics

App analytics.png

Flow Visualization

Flow viz.png

HTTP Overview

Http overview dashboard.png

HTTP Activity

Http activity dashboard.png

Database Activity

Database activity dashboard.png

DNS Overview

Dns overview dashboard.png

DNS Activity

Dns activity dashboard.png

SSL Activity

Ssl activity dashboard.png

ON THIS PAGE

Analytics Overview
App Analytics
Flow Visualization
HTTP Overview
HTTP Activity
Database Activity
DNS Overview
DNS Activity
SSL Activity

Product Guides

Splunk Stream

Last updated: April 8, 2025

Explore Topics

Splunk Observability Cloud

Splunk IT Service Intelligence

Splunk Cloud Platform

Splunk Enterprise

Data Management

Splunk Enterprise Security 8

Splunk Enterprise Security 7

Splunk SOAR

Security Offerings

AppDynamics SaaS

About This Site

Community Support

Supported Add-ons

©2005-2025 Splunk Inc. All rights reserved.