Reporting
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

concurrent usage by user

MwayneSmith
Explorer
‎02-10-2021 07:34 AM

We have a search that is monitoring and reporting website usage by users over time.  Our customer base is 4K+,  most are mobile users so IP changes frequently.  Monthly activity would generate approximately 10K+ transactions with pertinent data points being:

      email                 IP address               Session Start                 Session Stop                Duration(mins)     Actions

cxxx@yyy.com 192.168.1.3    2021/01/28 10:30:43     2021/01/28 10:34:32           3.82                    18

We would like to automate the process to identify email and IP transactions that are concurrent; i.e. same user different IP's,  running at the same time.  

Any suggestions?

Labels (2)
0 Karma
Reply

MwayneSmith
Explorer
‎02-18-2021 07:22 AM

Okay, I must have done something wrong with my original question (fairly new at this).  Have I posted this in the wrong category, not provided enough description?  All suggestions appreciated.

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎02-18-2021 07:51 AM

Can you post some sample data with scrambled user and ip information? That helps us to help you.

0 Karma
Reply

MwayneSmith
Explorer
‎02-18-2021 12:27 PM

Thanks,  Will this work?  Could not load a CSV file type.  We're looking for any overlap on unique email, unique IP between these Site Times.

In this example we would like to publish that User1@testemail with two different IPs were active in same timeframes (bolded transactions).  Make sense?  And we can, of course, sort by any of these fields prior.  We would normally have 10k+ emails and 40K+ transactions like those below.

email,User IP,First Site Activity,Last Site Activity
User1@testemail.com,717.228.44.170,2021/01/25 09:14:53,2021/01/25 09:25:06
User1@testemail.com,717.228.44.170,2021/01/25 09:25:34,2021/01/25 09:33:49
User1@testemail.com,717.228.44.170,2021/01/25 09:26:21,2021/01/25 09:28:21
User1@testemail.com,717.228.44.170,2021/01/25 13:45:23,2021/01/25 13:52:22
User1@testemail.com,717.228.44.170,2021/01/25 13:58:03,2021/01/25 14:23:13
User1@testemail.com,717.228.44.170,2021/01/25 16:24:45,2021/01/25 17:35:22
User1@testemail.com,555.184.249.118,2021/01/25 17:10:12,2021/01/25 17:22:31
User1@testemail.com,444.90.63.75,2021/01/27 10:34:48,2021/01/27 10:37:41
User1@testemail.com,555.184.249.118,2021/01/27 14:04:31,2021/01/27 14:22:38
User1@testemail.com,555.184.249.118,2021/01/27 14:18:05,2021/01/27 16:35:43
User1@testemail.com,555.184.249.118,2021/01/27 16:17:44,2021/01/27 16:50:49
User1@testemail.com,555.184.249.118,2021/01/27 16:26:23,2021/01/27 16:48:36
User1@testemail.com,555.184.249.118,2021/01/27 16:28:26,2021/01/27 16:45:11
User1@testemail.com,555.184.249.118,2021/01/27 16:30:36,2021/01/27 17:20:35
User1@testemail.com,555.184.249.118,2021/01/28 09:39:57,2021/01/28 10:00:15
User1@testemail.com,555.184.249.118,2021/01/28 09:54:05,2021/01/28 10:13:46
User1@testemail.com,555.184.249.118,2021/01/28 11:35:41,2021/01/28 11:53:43
User1@testemail.com,555.184.249.118,2021/01/28 11:53:50,2021/01/28 11:59:06
User1@testemail.com,555.184.249.118,2021/01/28 12:00:24,2021/01/28 12:02:12
User1@testemail.com,555.184.249.118,2021/02/04 08:30:36,2021/02/04 09:02:10
User1@testemail.com,555.184.249.118,2021/02/04 11:16:49,2021/02/04 11:49:49
User1@testemail.com,555.184.249.118,2021/02/04 11:56:58,2021/02/04 12:48:00
User1@testemail.com,555.184.249.118,2021/02/04 12:30:09,2021/02/04 13:21:55
User1@testemail.com,717.228.44.170,2021/02/05 15:56:35,2021/02/05 16:01:35
User1@testemail.com,717.228.44.170,2021/02/08 08:18:28,2021/02/08 08:20:56
User1@testemail.com,717.228.44.170,2021/02/08 12:57:18,2021/02/08 13:08:34
User1@testemail.com,717.228.44.170,2021/02/08 13:12:08,2021/02/08 14:19:09
User1@testemail.com,717.228.44.170,2021/02/12 14:11:24,2021/02/12 14:31:29
User1@testemail.com,555.184.249.118,2021/02/16 08:40:27,2021/02/16 09:36:19
User2@testemail.com,222.24.204.8,2021/01/20 15:44:40,2021/01/20 16:09:33
User2@testemail.com,222.24.204.8,2021/01/25 08:56:15,2021/01/25 09:23:01
User2@testemail.com,222.24.204.8,2021/01/25 10:10:40,2021/01/25 10:37:18
User2@testemail.com,222.24.204.8,2021/01/25 10:38:50,2021/01/25 10:51:17
User2@testemail.com,666.232.176.10,2021/01/26 09:48:37,2021/01/26 10:52:00
User2@testemail.com,666.232.176.10,2021/01/26 11:48:07,2021/01/26 12:02:41
User2@testemail.com,222.24.204.8,2021/01/26 13:52:19,2021/01/26 14:23:16
User2@testemail.com,222.24.204.8,2021/01/26 14:14:01,2021/01/26 15:38:30
User2@testemail.com,222.24.204.8,2021/01/29 09:11:06,2021/01/29 09:40:21
User2@testemail.com,222.24.204.8,2021/01/29 09:21:02,2021/01/29 09:35:14
User2@testemail.com,222.24.204.8,2021/01/29 09:27:04,2021/01/29 09:57:56
User2@testemail.com,222.24.204.8,2021/01/29 09:45:38,2021/01/29 09:55:14
User2@testemail.com,222.24.204.8,2021/01/29 09:50:21,2021/01/29 10:02:58
User2@testemail.com,222.24.204.8,2021/01/29 09:54:39,2021/01/29 10:04:21
User2@testemail.com,222.24.204.8,2021/01/29 09:59:02,2021/01/29 10:04:37
User2@testemail.com,222.24.204.8,2021/01/29 10:02:56,2021/01/29 10:09:54
User2@testemail.com,222.24.204.8,2021/01/29 10:06:50,2021/01/29 10:31:05
User2@testemail.com,222.24.204.8,2021/01/29 10:16:29,2021/01/29 10:28:12
User2@testemail.com,222.24.204.8,2021/01/29 10:19:51,2021/01/29 10:27:28
User2@testemail.com,222.24.204.8,2021/01/29 13:25:34,2021/01/29 13:45:43
User2@testemail.com,222.24.204.8,2021/01/29 13:45:45,2021/01/29 14:35:22
User2@testemail.com,222.24.204.8,2021/02/03 10:31:35,2021/02/03 10:37:27
User2@testemail.com,222.24.204.8,2021/02/03 10:52:50,2021/02/03 10:54:57
User2@testemail.com,222.24.204.8,2021/02/03 11:32:41,2021/02/03 11:34:16
User2@testemail.com,222.24.204.8,2021/02/03 11:39:17,2021/02/03 11:46:18

0 Karma
Reply

MwayneSmith
Explorer
‎03-03-2021 08:27 AM

Due to some family health issues, I had to step back from this thread for a couple of weeks.  Does anybody have any suggestions that I could add to help get some assistance with my question?  TIA

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Mile High Learning with Splunk University, Denver, Colorado

If Denver is known for its mile-high elevation, Splunk University is about to raise the bar on technical ...

IT Service Intelligence 5.0 Series: Your Guide to the June Launch

We are excited to announce the June release of Splunk IT Service Intelligence (ITSI) 5.0. This update ...

Agent Mode Engaged! Enchaining Agentic Operations with Splunk AI Assistant 2.0

    Are you ready to transform how your team handles complex data requests? We invite you to our upcoming ...