Skip to content

santhgates/splunk-app-flurry

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

29 Commits
flurry
flurry
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
npm-debug.log
npm-debug.log
 
 

Repository files navigation

Splunk-Flurry Connector

This app provides a scripted input for Splunk that automatically extracts event logs from Flurry. It is tested on Splunk Light Free version 6.3.4. Should work with most versions of Splunk Free and Splunk Enterprise.

This input permits the use of Splunk's advanced data analysis capabilities on Flurry data. This is particularly useful if your application logs custom events and you want to perform custom analyses on them.

Installation

  • Install the app by copying the flurry directory to $SPLUNK_HOME/etc/apps/flurry.

  • Enter the Flurry credentials and the Project ID in /flurry/default/extract.conf

  • Add the year, month and date beginning from which the data is to be extracted from in /flurry/default/extract.conf and save the file.

  • (Re)start Splunk so that the app is recognized.

  • In the Splunk web interface, from the menu, select the 'Data Inputs'. And then select 'Scripts'. Enable the extract.py script.

  • Wait 15 seconds or so for the new scripted input to extract the first couple of events.

  • Run a test search index=flurry to see the events.

    • If you don't see any events, open the log $SPLUNK_HOME/var/log/splunk/splunkd.log and look for errors issued by ExecProcessor related to the $SPLUNK_HOME/etc/apps/flurry/bin/extract.py script. Most likely, the configured authentication credentials or the project ID was incorrect.

Example Searches

The following searches are installed by default:

  • Activity by Time of Day: index=flurry | stats count by date_hour | sort +date_hour

  • Activity by Day of Week: index=flurry | eval weekday=strftime(_time, "%w") | stats count, values(date_wday) as weekday_name by weekday | sort +weekday | table weekday_name, count

  • Top Users: index=flurry Session_Index=1 | top User_ID

If you log location information in events, you can use, in combination with the Google Maps add-on:

  • Activity by Location: index=flurry EVENT_NAME__UserLocation=* | eval _geo=EVENT_NAME__UserLocation

If you log OS information in events, you can use:

  • Activity by OS Version: index=flurry EVENT_NAME__SystemVersion=* | stats count by EVENT_NAME__SystemVersion | sort +EVENT_NAME__SystemVersion

License

This software is licensed under the Apache License 2.0. Details can be found in the file LICENSE.

This software includes Mechanize as a source dependency, which is used under the BSD License.

About

Splunk Flurry App

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

 
 
 

Contributors

Languages

  • Python 100.0%