Hi
I want to know how long and when either of two games is being played on the PS4 or a laptop, and be notified via email of the IP address, when the game play started, when the game play stopped and the duration the game was played. There are multiple game play sessions during the day. I want to be able to graph game play by day and week also.
I am using squid proxy and the destination traffic for both games is known, for example api.gamesite1.com for game 1 and api.gamesite2.com for game 2. The traffic is initiated from the PS4 or laptop every 14 seconds on average, and when the game is stopped the traffic stops appearing.
Multiple sessions of either game could be played during the day, so for each game session I want to capture the source IP address, start and finish time, and the duration between start and finish time. Can anyone help with how to do this?
Just do a | transaction over destination domain with a maxpause=15s or something like that.
Hey, thanks for the response. I am new to Splunk so I need a bit more guidance if that is okay. I need a notification by email the first time either of the domains is visited, and then to check progressively for when the domain does not come up for longer than a minute.
It would also be good to accumulate traffic for only the domain for graphing afterwards.
Any help would be appreciated.
To track game play sessions, capture relevant details, and generate graphs, set up network monitoring with squid proxy to log traffic, filter game-related traffic using destination URLs, analyze log files to extract source IP, start and stop times, duration, and store the data for further analysis and graphing.
Wait, wait, wait.
I assumed you already have the data ingested into Splunk.
If you don't, you'll have to get your data into Splunk in the first place.
Also - what version of Splunk are you using? Remember that Splunk Free doesn't have alerting functionality, if I remember correctly.
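
The session grouping discussed in this thread (group hits per source IP and destination domain, and close a session when the domain has been silent longer than a maximum pause), worked through directly on squid's native access.log format. This is an added example, not code from any poster; the 60-second pause, the function names and the sample log lines are assumptions constructed for illustration.

```python
from collections import defaultdict
from urllib.parse import urlsplit

GAME_DOMAINS = {"api.gamesite1.com", "api.gamesite2.com"}  # domains named in the thread
MAX_PAUSE = 60.0  # assumed: seconds of silence that close a session

# Constructed sample in squid's native access.log format (not real traffic).
SAMPLE_LOG = """\
1700000000.000 120 192.168.1.50 TCP_TUNNEL/200 4512 CONNECT api.gamesite1.com:443 - HIER_DIRECT/203.0.113.10 -
1700000014.000 118 192.168.1.50 TCP_TUNNEL/200 4490 CONNECT api.gamesite1.com:443 - HIER_DIRECT/203.0.113.10 -
1700000020.000  95 192.168.1.50 TCP_MISS/200 1024 GET http://example.org/ - HIER_DIRECT/203.0.113.99 text/html
1700000028.000 121 192.168.1.50 TCP_TUNNEL/200 4501 CONNECT api.gamesite1.com:443 - HIER_DIRECT/203.0.113.10 -
1700000042.000 119 192.168.1.50 TCP_TUNNEL/200 4498 CONNECT api.gamesite1.com:443 - HIER_DIRECT/203.0.113.10 -
1700000100.000  80 192.168.1.60 TCP_MISS/200 310 GET http://api.gamesite2.com/ping - HIER_DIRECT/203.0.113.20 application/json
1700000114.000  82 192.168.1.60 TCP_MISS/200 310 GET http://api.gamesite2.com/ping - HIER_DIRECT/203.0.113.20 application/json
1700000600.000 117 192.168.1.50 TCP_TUNNEL/200 4480 CONNECT api.gamesite1.com:443 - HIER_DIRECT/203.0.113.10 -
1700000614.000 120 192.168.1.50 TCP_TUNNEL/200 4475 CONNECT api.gamesite1.com:443 - HIER_DIRECT/203.0.113.10 -
"""

def host_of(method, url):
    """Destination host: CONNECT logs 'host:port', other methods log a full URL."""
    if method == "CONNECT":
        return url.rsplit(":", 1)[0].lower()
    return (urlsplit(url).hostname or "").lower()

def sessions(log_text, max_pause=MAX_PAUSE):
    """Return one dict per play session: client, domain, start, end, duration."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        f = line.split()
        if len(f) < 7 or not f[0].replace(".", "", 1).isdigit():
            continue  # skip blank or malformed lines
        host = host_of(f[5], f[6])
        if host in GAME_DOMAINS:
            hits[(f[2], host)].append(float(f[0]))  # key: (client IP, domain)
    out = []
    for (client, domain), times in hits.items():
        times.sort()
        start = prev = times[0]
        for ts in times[1:] + [None]:  # trailing None flushes the last session
            if ts is None or ts - prev > max_pause:
                out.append({"client": client, "domain": domain, "start": start,
                            "end": prev, "duration": prev - start})
                start = ts
            prev = ts
    return sorted(out, key=lambda s: s["start"])
```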