...

Next, the data can be extracted to XLS and CSV, but this was too manual. I wanted to automate it, so I signed up for the API services, which have 2 primary functions:

Past hours history for a device

Past gives a JSON like:

{"Data":[{"Date":"2017-12-03T15:26:14+01:00","Latitude":57.01060,"Longitude":10.03402,"Type":"GPS","Speed(mph)":null,"Speed(km/h)":null,"Altitude(ft)":16,"Altitude(m)":5,"Accuracy":124},{"Date":"2017-12-03T15:53:52+01:00","Latitude":57.01172,"Longitude":10.04380,"Type":"GPS","Speed(mph)":null,"Speed(km/h)":null,"Altitude(ft)":0,"Altitude(m)":0,"Accuracy":165},{"Date":"2017-12-03T15:57:05+01:00","Latitude":57.01323,"Longitude":10.04936,"Type":"GPS","Speed(mph)":null,"Speed(km/h)":null,"Altitude(ft)":6,"Altitude(m)":2,"Accuracy":165},{"Date":"2017-12-03T16:03:25+01:00","Latitude":57.01406,"Longitude":10.04982,"Type":"GPS","Speed(mph)":null,"Speed(km/h)":null,"Altitude(ft)":3,"Altitude(m)":1,"Accuracy":65},{"Date":"2017-12-03T16:05:50+01:00","Latitude":57.01049,"Longitude":10.03452,"Type":"GPS","Speed(mph)":null,"Speed(km/h)":null,"Altitude(ft)":16,"Altitude(m)":5,"Accuracy":67},{"Date":"2017-12-03T16:15:17+01:00","Latitude":57.01063,"Longitude":10.03377,"Type":"GPS","Speed(mph)":null,"Speed(km/h)":null,"Altitude(ft)":19,"Altitude(m)":6,"Accuracy":65},{"Date":"2017-12-
...
...
08T18:20:06+01:00","Latitude":57.01431,"Longitude":10.03389,"Type":"GPS","Speed(mph)":38,"Speed(km/h)":61,"Altitude(ft)":36,"Altitude(m)":11,"Accuracy":10},{"Date":"2017-12-08T18:21:58+01:00","Latitude":57.01034,"Longitude":10.03387,"Type":"GPS","Speed(mph)":4,"Speed(km/h)":6,"Altitude(ft)":29,"Altitude(m)":9,"Accuracy":5}]}

...

In Splunk, it's a bit complicated to split multivalue JSON into events, and since this is a POC and I don't really care that much for history, I will go for the current location...
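One way to do that split outside Splunk, so each GPS fix becomes its own line-delimited JSON event, shown as an added example that is not from the original page. The output field names and the `after_epoch` checkpoint (used to skip fixes already written on an earlier run) are my own assumptions.

```python
import json
from datetime import datetime

# Sample input: three fixes copied from the response above, plus one
# constructed malformed fix (last entry) to exercise the skip path.
SAMPLE = """{"Data":[
{"Date":"2017-12-03T15:26:14+01:00","Latitude":57.01060,"Longitude":10.03402,"Type":"GPS","Speed(mph)":null,"Speed(km/h)":null,"Altitude(ft)":16,"Altitude(m)":5,"Accuracy":124},
{"Date":"2017-12-03T15:53:52+01:00","Latitude":57.01172,"Longitude":10.04380,"Type":"GPS","Speed(mph)":null,"Speed(km/h)":null,"Altitude(ft)":0,"Altitude(m)":0,"Accuracy":165},
{"Date":"2017-12-08T18:21:58+01:00","Latitude":57.01034,"Longitude":10.03387,"Type":"GPS","Speed(mph)":4,"Speed(km/h)":6,"Altitude(ft)":29,"Altitude(m)":9,"Accuracy":5},
{"Date":"not-a-date","Latitude":null,"Longitude":null,"Type":"GPS"}
]}"""

# Output field names are my own choice, not something the API or Splunk requires.
FIELDS = {"Type": "type", "Speed(km/h)": "speed_kmh",
          "Altitude(m)": "altitude_m", "Accuracy": "accuracy"}

def split_fixes(raw, after_epoch=0.0):
    """Return one flat event per valid fix newer than after_epoch, oldest first."""
    doc = json.loads(raw)
    fixes = doc.get("Data") if isinstance(doc, dict) else None
    if not isinstance(fixes, list):
        raise ValueError("response has no 'Data' array")
    events = []
    for fix in fixes:
        try:
            ts = datetime.fromisoformat(fix["Date"]).timestamp()
            lat, lon = float(fix["Latitude"]), float(fix["Longitude"])
        except (KeyError, TypeError, ValueError):
            continue  # malformed fix: skip it rather than index garbage
        if ts <= after_epoch or not (-90 <= lat <= 90 and -180 <= lon <= 180):
            continue  # already written on an earlier run, or impossible position
        event = {"time": ts, "lat": lat, "lon": lon}
        # Drop null readings instead of emitting null fields.
        event.update({new: fix[old] for old, new in FIELDS.items()
                      if fix.get(old) is not None})
        events.append(event)
    return sorted(events, key=lambda e: e["time"])

def to_ndjson(events):
    """Serialize events as one JSON object per line."""
    return "".join(json.dumps(e, sort_keys=True) + "\n" for e in events)

if __name__ == "__main__":
    print(to_ndjson(split_fixes(SAMPLE)), end="")
```

Passing the `time` of the last event written as `after_epoch` on the next run keeps repeated pulls of the same history window from producing duplicate events.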

Tip

Use the website http://json.parser.online.fr/ to test and examine your JSON

Getting data in

To get data into Splunk, several approaches can be taken. Typically I would choose an on-disk script to pull data from the API to a file to be parsed (via cron), but this time I wanted to play with getting the JSON into Splunk the simplest way, so I installed the REST API Modular Input Add On, even though it's pretty old. The Add On adds an input possibility:

...