Mobile Analytics with Storm (Part 2)

In the previous article “Mobile Analytics with Storm”, we discussed how to configure the logging library for mobile apps to send stacktrace messages to Storm via REST API. To make this logging library more usable and robust, mobile app developers are now able to send invaluable stacktrace messages via TCP (through the Network Inputs option). The configuration steps are incredibly simple and are summarized using the diagram shown below:

  1. Click “Network data” to enable Storm to receive data via TCP
  2. Click “Authorize your IP address” so that Storm receives data from authorized IP address(es). Please take note of the “IP/Port combination” in “Send data to” – we are going

Mobile Analytics with Splunk

The logging library for Android now has an option to reroute the crash logs into Splunk Enterprise. Yes, crash logs from Android mobile devices into Splunk Enterprise.

Mobile Analytics with Storm

This is a logging library developed for mobile app developers to allow better visibility of their apps, particularly to address the instrumentation of crash logs. Bottom line, no more guessing what kind of errors end users experience with your mobile apps on their phones. Ensure the highest quality of your apps by harnessing the real-time analytics Splunk Storm provides.

Indexing PCAP header data in Splunk

I am often asked, “Can I store pcap headers in Splunk?”. My response is a somewhat useless, “That’s easy”. To which the inquirer says, “If it’s so easy, show me; right now”. Ok. Fair point :)

We’ll do all this from the command line but first a quick overview:

- Create a new index, pcaphead.
- Create a Splunk listener, UDP 5000.
- Run tcpdump to print the headers.
- Use netcat to send the headers to Splunk.
- Run a Splunk search.

This is what it looks like on the command line.

merza-mbp15:Downloads mmerza$ # add the index using the splunk password
/opt/splunk/bin/splunk add index pcaphead -auth admin:supersecret
#

SPLogger: iPhone Logging API

This week I put up on GitHub an early version of a Splunk logging API for iPhone developers, called SPLogger. We’d love feedback, code contributions, suggestions. The SPLogger API allows iPhone developers to log events in their application and have them go to Splunk Storm (www.splunkstorm.com), which is free for up to a GB of data. If you currently have no insight into how your app is being used, or by whom, this can come in handy, and of course you’ll have the full power of SPL, Splunk’s search language.

To get the SPLogger API, download it via either method:

Making Applied Math Interesting

I have a college friend who, after years of working in the IT field, decided to become an 8th grade math teacher. This is a noble endeavor. After hearing this, I began to think about what it was like to learn math in my own youth and quickly thought about the usual word problems such as when will two trains intersect if heading at certain speeds at each other or finding the X value given an equation. These types of problem-solving skills probably meet the needs of most students, but some want more. In fact, they want their math problems to apply to real world scenarios to make them more realistic and interesting.

This is where Splunk can play…

Getting the Message

Overview

Message Oriented Middleware (MOM) infrastructures facilitate the sending and receiving of messages between distributed systems. Messages typically get routed to Queues (point to point) or Topics (publish/subscribe) for clients to subscribe to, receive the messages and process them.

In many respects you can think of MOM as the glue that stitches heterogeneous enterprise computing environments together.

Now why am I so interested in this? Well, MOM and the messages transported represent a massive source of machine data that Splunk can index and resolve into operational visibility on many different levels: core operations, business analytics, transaction tracing, etc.

So for some time now I have been pondering creating a solution for Splunk to tap into this source.

Most folks I have…

Splunk for Meaningful Use

I visited a Health Care customer recently to discuss their most important use cases for Splunk. They’ve taken a holistic approach to getting all of their application data into Splunk and it’s really paying off. A key use case for their many health care facilities helps them stay compliant to meet their meaningful use requirements.

Meaningful use of health information technology is an umbrella term for rules and regulations that hospitals and physicians must meet to qualify for federal incentive funding under the American Recovery and Reinvestment Act of 2009 (ARRA). One of the overarching goals is to use Electronic Health Record (EHR) technology to improve the quality, safety and efficiency of patient care. Bottom line, it’s important to…

Splunk 2012 Revolution Awards—Winners!

When I was in Las Vegas last month for our Users’ Conference, I randomly threw twenty dollars into a pirate-themed penny slot machine. It was late at night, I might have had an adult beverage or two, and I was feeling lucky. Actually, I was resigned to losing my $20 and going to bed. To my surprise, after just a few minutes of randomly hitting buttons and playing all 30 lines like a Vegas VIP, I hit some kind of jackpot and walked away with $40. Vegas, I own you!

No doubt about it—everyone loves to feel like a winner! So, on Tuesday night during the Search Party, we distinguished the winners of this year’s Splunk Revolution Awards. The Revolution…

How’s Traffic?

By the title of this post, many of you may assume that I am referring to network traffic. However, today’s topic is about monitoring vehicular traffic incidents or what some of us call accidents in most cases. I found a feed from http://cityrss.traffic.com/feeds that lists recent incidents for a known USA city if the city is used as the last part of the URL. The information returned explains the jam factor (how crowded the roads are), severity of the incident and its location. Armed with this information, I created a Splunk app around it and put it on Splunkbase for you to use. Instructions are provided on what text file to update to add or delete the cities you…
