The following Splunk search extracts the WordPress version from your Apache Web Logs. For fun I also did a time chart using 100% stacked bar chart to show by month each version of wordpress used. This was actually a pretty neat display of colors to show the upgrade path of WordPress over the years! I […]
Utilizing tstats for Page Views within Apache Web Logs
Here’s a Splunk query to show a timechart of page views from a website running on Apache. Due to the search utilizing tstats, the query will return results incredibly fast over a very LONG period of time if desired. Change the index to reflect yours, as well as the span to reflect a span you […]
Nr. of unique visitors per hour timechart
host=insertHostnameHere sourcetype=access_combined | timechart span=1h dc(sourceIP) If you have Fieldextraction for the visitor IP’s, in this example named ‘sourceIP’, this simple query will list the number of unique visitors per hour
Worldmap with unique visitors last 24 hours
sourcetype=access_combined | iplocation sourceIP | stats dc(sourceIP) by Country | geom geo_countries featureIdField=”Country” earliest=-24h Note that ‘sourceIP’ is the name for the IP field. You may already have another fieldname for that extraction. Tested on Splunk Light.
Apache access_logs status code reporting
index=apache sourcetype=access_combined | chart count(eval(like(status,”2%”))) AS Success, count(eval(like(status,”4%”) OR like(status,”5%”))) AS Error by status ###this query is to report on status code description##### index=apache source=”/var/log/httpd/access_log” | timechart count by status_description useother=f # Find Website Status Over time index=apache sourcetype=access_combined| timechart count by status_type limit=10 usenull=f # Reports on Webserver error 500. index=apache sourcetype=access_combined status_type=”Server Error” […]
