Splunk Search

Can I set up a PS4 Game Session Timer and Notification?

InspiredSplunk
Observer

Hi

I want to know how long and when either of two games is being played on the PS4 or a laptop, and be notified via email of the IP address, when the game play started, when the game play stopped, and the duration the game was played. There are multiple game play sessions during the day. I also want to be able to graph game play by day and week.

I am using squid proxy and the destination traffic for both games is known, for example api.gamesite1.com for game 1 and api.gamesite2.com for game 2. The traffic is initiated from the PS4 or laptop every 14 seconds on average, and when the game is stopped the traffic stops appearing.

Multiple sessions of either game could be played during the day, so I want to capture, for each game session, the source IP address, start and finish time, and the duration between start and finish time. Can anyone help with how to do this?

0 Karma

PickleRick
SplunkTrust

Just do a | transaction over destination domain with a maxpause=15s or something like that.

0 Karma

InspiredSplunk
Observer

Hey, thanks for the response. I am new to Splunk so I need a bit more guidance, if that is okay. I need a notification by email the first time either of the domains is visited, and then to check progressively for when the domain does not come up for longer than a minute.

It would be good to accumulate traffic for only the domain for graphing after also.

Any help would be appreciated.

0 Karma

EyesFitt
Observer

To track game play sessions, capture relevant details, and generate graphs, set up network monitoring with squid proxy to log traffic, filter game-related traffic using destination URLs, analyze log files to extract source IP, start and stop times, duration, and store the data for further analysis and graphing.
You can also play Fallout 3 Console with Commands using these guidelines (https://cheatcommands.cc/fallout-3-console-commands/).

0 Karma

PickleRick
SplunkTrust

Wait, wait, wait.

I assumed you already have the data ingested into Splunk.

If you don't, you'll have to get your data into Splunk in the first place.

Also - what version of Splunk are you using? Remember that Splunk Free doesn't have alerting functionality, if I remember correctly.

0 Karma
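
The transaction approach suggested in this thread, written out as an added example (not posted by any participant). It assumes the squid access log is already indexed; the index name `proxy`, the sourcetype `squid` and the field names `src_ip` and `dest_host` are hypothetical and depend on how the log was onboarded. The 60-second pause follows the one-minute threshold from the follow-up question.

```spl
index=proxy sourcetype=squid earliest=-24h (dest_host="api.gamesite1.com" OR dest_host="api.gamesite2.com")
| transaction src_ip dest_host maxpause=60s
| eval session_end=_time + duration
| eval still_playing=if(now() - session_end < 60, "yes", "no")
| eval start=strftime(_time, "%Y-%m-%d %H:%M:%S"), stop=strftime(session_end, "%Y-%m-%d %H:%M:%S")
| eval played=tostring(duration, "duration")
| table src_ip dest_host start stop played eventcount still_playing
| sort start
```

Each row is one session per source IP and game domain; `duration` and `eventcount` are fields that `transaction` produces. Replacing the last two lines with `| timechart span=1d sum(duration) by dest_host` gives seconds played per day for graphing.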