I'm trying to ingest various kinds of data to learn as much as I can about Splunk data ingestion as possible. My latest attempt is with my Mountain Biking data, downloaded in GPX file format from Strava.
The format looks like the below...just with a bunch more events, roughly every 10 seconds, that capture Lat, Lon, and elevation.
There are a couple of challenges here for me:
I assume that I need to associate the field, which only appears once per file, with every event in the file so Splunk will rightly understand that all of the Lat, Lon, Ele combination events apply to the proper ride. How can I do this?
As a corollary to the above, is it possible to have the field become the SOURCE value (rather than the name of the source file)?
OK, so maybe just one challenge with a couple of parts to it. 🙂
PLEASE HELP!
<?xml version="1.0" encoding="UTF-8"?>
<gpx creator="strava.com Android" version="1.1" xmlns="http://www.topografix.com/GPX/1/1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.topografix.com/GPX/1/1 http://www.topografix.com/GPX/1/1/gpx.xsd">;
<metadata>
<time>2014-03-19T22:03:02Z</time>
</metadata>
<trk>
<name>Albino squirrel ride</name>
<trkseg>
<trkpt lat="35.2376560" lon="-80.6323440">
<ele>230.8</ele>
<time>2014-03-19T22:03:02Z</time>
</trkpt>
<trkpt lat="35.2375570" lon="-80.6322680">
<ele>230.9</ele>
<time>2014-03-19T22:49:19Z</time>
</trkpt>
<trkpt lat="35.2375230" lon="-80.6322810">
<ele>230.9</ele>
<time>2014-03-19T22:49:22Z</time>
</trkpt>
</trkseg>
</trk>
</gpx>
... View more