INETCO NetStream Streams Transaction Data to Splunk Enterprise

INETCO's new NetStream makes it easy to access and analyze application transaction data alongside other machine data with Splunk.

LAS VEGAS—INETCO Systems announced the beta availability of INETCO NetStream, a new product for streaming rich transaction event data to Splunk Enterprise.

Announced at conf2013, the Splunk Worldwide Users' Conference 2013 here, INETCO NetStream collects network data, transforms it into rich transaction events and streams this data in real time into Splunk Enterprise. This new capability enhances Splunk users' ability to resolve application and IT infrastructure issues, identify potential security and compliance incidents, and gain real-time insights into user experience and business performance.

"Access to transaction information is a critical, universal need for security, IT and business operations teams," said Bijan Sanii, president and CEO of INETCO, in a statement. "INETCO NetStream puts this information within easy reach of Splunk Enterprise users. Access to high-quality, real-time transaction events captured directly off the underlying network brings a whole new context to all other machine-generated data in Splunk Enterprise."

INETCO NetStream is a network-based application that consumes packets, either directly from a host machine or remotely from SPAN ports, reconstructs individual transaction events and streams them to Splunk Enterprise in real time, so that the data can be easily indexed, searched, analyzed and visualized.

Information passed from INETCO NetStream into Splunk Enterprise includes fields from the application payload, correlated application response times, network request and network response links for each transaction event. This data is filtered before ingestion and presented in a fashion that makes it easy to analyze the behavior of every transaction in Splunk Enterprise, as well as specific elements of the application payload—such as customer IDs, dollar amounts, transaction types and more. Company officials said INETCO NetStream is simple to install and configure, works out of the box for typical Web-based applications and can be extended to decode additional protocols using Python APIs.

"Our partner community provides additional data sources that enhance the value enterprises and organizations get from Splunk software as a platform for machine data by allowing them to leverage the data across a wide range of use cases," said Bill Gaylord, senior vice president of business development at Splunk, in a statement. "INETCO NetStream will bring network-based transaction data into Splunk software, enabling users to create new correlations and insights about their business."

Explaining the problem the new software helps to address, Brad Zaytsoff, INETCO's director of marketing, in a blog post, said:

"Imagine that your users are complaining that their transactions are running slow when they interact with your web application. It could be due to a number of issues, including a security breach, a slow application response time, or a network bottleneck. You've likely analyzed the utilization and performance logs of your individual server components, but they all appear to be running normal. So how do you gain access to that next level of data you need, which shows you what is happening between each of these components? If you use Splunk Enterprise, our just announced INETCO NetStream data forwarding app is your answer."

Moreover, "INETCO NetStream is for application support teams, IT operations and security analysts who need a fast, consistent way to analyze full transaction event data in Splunk," Zaytsoff said. "Unlike many log files and scripts, INETCO NetStream captures full application message payload, response/request timings and network addresses for each transaction. This means you can easily filter the exact data you need to analyze every transaction path, every user interaction and every transaction anomaly."

Splunk users can sign up for the free INETCO NetStream beta at