We used this to produce a distribution of how long our sessions last. We print the median, average, and maximum session length based on the first and last occurrence of a given JSESSIONID. We also filter out those sessions less…
Category: Apache
Splunk – Query to print distribution of requests by device type
We had a need to understand what type of devices our customers were using; specifically, Apple or Android. We came up with what is below… host=cmhlpecomweb* sourcetype=access* (“iphone” OR “ipad” OR “android”) | rex mode=sed field=_raw “s/\t/~/g” | eval tmp=split(_raw,”~”)…