Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Web browser analytics for web site

rickwylie
New Member
‎07-24-2014 06:46 PM

I am trying to do some analytics out of the apache log file for the breakdown on types of browsers accessing the site. I have found the following script and a reference to the "documentation" which says "click here for the latest version" which goes nowhere.

https://github.com/JustinAzoff/splunk-scripts/blob/master/ua2os.py

Anyway I'm using Splunk 6.1.2 and wnat to know :
a. Is this type of script still valid from trying to generate dashboards and information as identified above
b. Is there any documentation that discusses how to do this for Splunk 6.x

or

c. Preferably a step by step guide on how to get such a script working?

Thanks in advance.

Tags (3)
0 Karma
Reply

rickwylie
New Member
‎07-25-2014 03:25 PM

Hi There thanks for the responses. Yes, All my data is coming in from my forwarders and being indexed. (OSX Server running apache2.

See sample below.

mgovlab.codinet.ae 192.168.59.26 - - [24/Jul/2014:07:23:03 +0400] "GET /getApplicationList.php?sinceTimeStamp=1405523236 HTTP/1.1" 200 31 "-" "python-requests/2.2.1 CPython/2.7.5 Darwin/13.1.0"

I'll try the app and see how we go.

Thanks.

0 Karma
Reply

lguinn2
Legend
‎07-25-2014 08:20 AM

Here is what you need to do:

  1. Get the apache logs into Splunk. As @strive mentioned, indexing the data is the first step. The apache "combined format" works well with Splunk and should have the sourcetype=access_combined.

  2. Download the free Splunk technology add-in/app TA-uas_parser. This app understands how to parse the user agent string to extract detailed info about the browser that connected.

Forget the script.

0 Karma
Reply

rickwylie
New Member
‎07-25-2014 03:26 PM

Hi There thanks for the responses. Yes, All my data is coming in from my forwarders and being indexed. (OSX Server running apache2.

See sample below.

mgovlab.codinet.ae 192.168.59.26 - - [24/Jul/2014:07:23:03 +0400] "GET /getApplicationList.php?sinceTimeStamp=1405523236 HTTP/1.1" 200 31 "-" "python-requests/2.2.1 CPython/2.7.5 Darwin/13.1.0"

I'll try the app and see how we go.

Thanks.

0 Karma
Reply

strive
Influencer
‎07-24-2014 08:18 PM

Have you completed forwarder and indexer configurations and indexed your logs? Can you post some sample log events from your log file.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Upgrade Prep for 10.4, Network Observability Deep Dives, and More from Splunk Lantern

Splunk Lantern is Splunk’s customer success center that provides practical guidance from Splunk experts on key ...

Splunk Developer Day announcements: AI agents, MCP tools, Forecasting, and Custom ...

Splunk Developer Day was packed with product and platform updates for developers building in the AI ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...