Sidehistorik
...
This ways has Pros and Cons - read Access Logging in Confluence. On One Pro is that the POST to Splunk in in the backend; so we dont need to open for the receiving system in the Firewall for the world.
| Info |
|---|
My site is mainly external as a website, with only one internal user, myself "bnp". In that situation, the PageViewEvent is not so interesting as if this was an internal system with multiple users. Currently, I have found no way to correlate bot/spider/monitoring hits from the real PageViews. Also, PageViewEvents only occur when a page is rendered and this gives back HTTP Code "200 OK" to the client. See Different Loggings for different logging compares. |
In this working sample, we will post to a S plunk Splunk HTTP Event Collector - after setup and getting the Splunk Key, the collector need a POST like this:
| Kodeblok |
|---|
{
"time": 1426279439,
"host": "localhost",
"source": "datasource",
"sourcetype": "txt",
"index": "main",
"event": { "hello": "world" }
} |
We do eliminate the "Timetime" field, as the POST is instantly from the Confluence server.
...
Giving us results to work on in Splunk (Where we already has created the index needed):
And we can build a dashboard:
