Reporting

concurrent usage by user

MwayneSmith
Explorer

We have a search that is monitoring and reporting website usage by users over time.  Our customer base is 4K+,  most are mobile users so IP changes frequently.  Monthly activity would generate approximately 10K+ transactions with pertinent data points being:

      email                 IP address               Session Start                 Session Stop                Duration(mins)     Actions

cxxx@yyy.com 192.168.1.3    2021/01/28 10:30:43     2021/01/28 10:34:32           3.82                    18

We would like to automate the process to identify email and IP transactions that are concurrent; i.e. same user different IP's,  running at the same time.  

Any suggestions?

Labels (2)
0 Karma

MwayneSmith
Explorer

Okay, I must have done something wrong with my original question (fairly new at this).  Have I posted this in the wrong category, not provided enough description?  All suggestions appreciated.

0 Karma

isoutamo
SplunkTrust
SplunkTrust

Can you post some sample data with scrambled user and ip information? That helps us to help you.

0 Karma

MwayneSmith
Explorer

Thanks,  Will this work?  Could not load a CSV file type.  We're looking for any overlap on unique email, unique IP between these Site Times.

In this example we would like to publish that User1@testemail with two different IPs were active in same timeframes (bolded transactions).  Make sense?  And we can, of course, sort by any of these fields prior.  We would normally have 10k+ emails and 40K+ transactions like those below.

email,User IP,First Site Activity,Last Site Activity
User1@testemail.com,717.228.44.170,2021/01/25 09:14:53,2021/01/25 09:25:06
User1@testemail.com,717.228.44.170,2021/01/25 09:25:34,2021/01/25 09:33:49
User1@testemail.com,717.228.44.170,2021/01/25 09:26:21,2021/01/25 09:28:21
User1@testemail.com,717.228.44.170,2021/01/25 13:45:23,2021/01/25 13:52:22
User1@testemail.com,717.228.44.170,2021/01/25 13:58:03,2021/01/25 14:23:13
User1@testemail.com,717.228.44.170,2021/01/25 16:24:45,2021/01/25 17:35:22
User1@testemail.com,555.184.249.118,2021/01/25 17:10:12,2021/01/25 17:22:31
User1@testemail.com,444.90.63.75,2021/01/27 10:34:48,2021/01/27 10:37:41
User1@testemail.com,555.184.249.118,2021/01/27 14:04:31,2021/01/27 14:22:38
User1@testemail.com,555.184.249.118,2021/01/27 14:18:05,2021/01/27 16:35:43
User1@testemail.com,555.184.249.118,2021/01/27 16:17:44,2021/01/27 16:50:49
User1@testemail.com,555.184.249.118,2021/01/27 16:26:23,2021/01/27 16:48:36
User1@testemail.com,555.184.249.118,2021/01/27 16:28:26,2021/01/27 16:45:11
User1@testemail.com,555.184.249.118,2021/01/27 16:30:36,2021/01/27 17:20:35
User1@testemail.com,555.184.249.118,2021/01/28 09:39:57,2021/01/28 10:00:15
User1@testemail.com,555.184.249.118,2021/01/28 09:54:05,2021/01/28 10:13:46
User1@testemail.com,555.184.249.118,2021/01/28 11:35:41,2021/01/28 11:53:43
User1@testemail.com,555.184.249.118,2021/01/28 11:53:50,2021/01/28 11:59:06
User1@testemail.com,555.184.249.118,2021/01/28 12:00:24,2021/01/28 12:02:12
User1@testemail.com,555.184.249.118,2021/02/04 08:30:36,2021/02/04 09:02:10
User1@testemail.com,555.184.249.118,2021/02/04 11:16:49,2021/02/04 11:49:49
User1@testemail.com,555.184.249.118,2021/02/04 11:56:58,2021/02/04 12:48:00
User1@testemail.com,555.184.249.118,2021/02/04 12:30:09,2021/02/04 13:21:55
User1@testemail.com,717.228.44.170,2021/02/05 15:56:35,2021/02/05 16:01:35
User1@testemail.com,717.228.44.170,2021/02/08 08:18:28,2021/02/08 08:20:56
User1@testemail.com,717.228.44.170,2021/02/08 12:57:18,2021/02/08 13:08:34
User1@testemail.com,717.228.44.170,2021/02/08 13:12:08,2021/02/08 14:19:09
User1@testemail.com,717.228.44.170,2021/02/12 14:11:24,2021/02/12 14:31:29
User1@testemail.com,555.184.249.118,2021/02/16 08:40:27,2021/02/16 09:36:19
User2@testemail.com,222.24.204.8,2021/01/20 15:44:40,2021/01/20 16:09:33
User2@testemail.com,222.24.204.8,2021/01/25 08:56:15,2021/01/25 09:23:01
User2@testemail.com,222.24.204.8,2021/01/25 10:10:40,2021/01/25 10:37:18
User2@testemail.com,222.24.204.8,2021/01/25 10:38:50,2021/01/25 10:51:17
User2@testemail.com,666.232.176.10,2021/01/26 09:48:37,2021/01/26 10:52:00
User2@testemail.com,666.232.176.10,2021/01/26 11:48:07,2021/01/26 12:02:41
User2@testemail.com,222.24.204.8,2021/01/26 13:52:19,2021/01/26 14:23:16
User2@testemail.com,222.24.204.8,2021/01/26 14:14:01,2021/01/26 15:38:30
User2@testemail.com,222.24.204.8,2021/01/29 09:11:06,2021/01/29 09:40:21
User2@testemail.com,222.24.204.8,2021/01/29 09:21:02,2021/01/29 09:35:14
User2@testemail.com,222.24.204.8,2021/01/29 09:27:04,2021/01/29 09:57:56
User2@testemail.com,222.24.204.8,2021/01/29 09:45:38,2021/01/29 09:55:14
User2@testemail.com,222.24.204.8,2021/01/29 09:50:21,2021/01/29 10:02:58
User2@testemail.com,222.24.204.8,2021/01/29 09:54:39,2021/01/29 10:04:21
User2@testemail.com,222.24.204.8,2021/01/29 09:59:02,2021/01/29 10:04:37
User2@testemail.com,222.24.204.8,2021/01/29 10:02:56,2021/01/29 10:09:54
User2@testemail.com,222.24.204.8,2021/01/29 10:06:50,2021/01/29 10:31:05
User2@testemail.com,222.24.204.8,2021/01/29 10:16:29,2021/01/29 10:28:12
User2@testemail.com,222.24.204.8,2021/01/29 10:19:51,2021/01/29 10:27:28
User2@testemail.com,222.24.204.8,2021/01/29 13:25:34,2021/01/29 13:45:43
User2@testemail.com,222.24.204.8,2021/01/29 13:45:45,2021/01/29 14:35:22
User2@testemail.com,222.24.204.8,2021/02/03 10:31:35,2021/02/03 10:37:27
User2@testemail.com,222.24.204.8,2021/02/03 10:52:50,2021/02/03 10:54:57
User2@testemail.com,222.24.204.8,2021/02/03 11:32:41,2021/02/03 11:34:16
User2@testemail.com,222.24.204.8,2021/02/03 11:39:17,2021/02/03 11:46:18

0 Karma

MwayneSmith
Explorer

Due to some family health issues, I had to step back from this thread for a couple of weeks.  Does anybody have any suggestions that I could add to help get some assistance with my question?  TIA

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...