Skip to content

splunk/splunk-app-flurry

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

28 Commits
flurry
flurry
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
npm-debug.log
npm-debug.log
 
 

Repository files navigation

Splunk-Flurry Connector

Currently broken: Flurry has updated their private API again in a way that breaks this app. Please see #5

Seeking new maintainer: I no longer have the cycles to maintain this app myself, but I will review patches that are submitted against it.

This app provides a scripted input for Splunk that automatically extracts event logs from Flurry. It is tested on Splunk 4.3.2.

This input permits the use of Splunk's advanced data analysis capabilities on Flurry data. This is particularly useful if your application logs custom events and you want to perform custom analyses on them.

Installation

  • Install the app by copying the flurry directory to $SPLUNK_HOME/etc/apps/flurry.

  • (Re)start Splunk so that the app is recognized.

  • In the Splunk web interface, from the App menu, select the Flurry app. And press "Continue to app setup page".

  • Input your Flurry credentials and the earliest date containing events you wish to download. Enable the Flurry input. Click "Save".

  • Wait 15 seconds or so for the new scripted input to extract the first couple of events.

  • Run a test search index=flurry to see the events.

    • If you don't see any events, open the log $SPLUNK_HOME/var/log/splunk/splunkd.log and look for errors issued by ExecProcessor related to the $SPLUNK_HOME/etc/apps/flurry/bin/extract.py script. Most likely, the configured authentication credentials or the project ID was incorrect.

Example Searches

The following searches are installed by default:

  • Activity by Time of Day: index=flurry | stats count by date_hour | sort +date_hour

  • Activity by Day of Week: index=flurry | eval weekday=strftime(_time, "%w") | stats count, values(date_wday) as weekday_name by weekday | sort +weekday | table weekday_name, count

  • Top Users: index=flurry Session_Index=1 | top User_ID

If you log location information in events, you can use, in combination with the Google Maps add-on:

  • Activity by Location: index=flurry EVENT_NAME__UserLocation=* | eval _geo=EVENT_NAME__UserLocation

If you log OS information in events, you can use:

  • Activity by OS Version: index=flurry EVENT_NAME__SystemVersion=* | stats count by EVENT_NAME__SystemVersion | sort +EVENT_NAME__SystemVersion

License

This software is licensed under the Apache License 2.0. Details can be found in the file LICENSE.

This software includes Mechanize as a source dependency, which is used under the BSD License.

About

Splunk Flurry App

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

5 stars

Watchers

36 watching

Forks

4 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages