I’ve spoken to many customers who love their client-side tracking tools (Omniture, Google Analytics, Webtrends, etc.) but also want to get that data into Splunk so that they can correlate web traffic data with other things and really see “the big picture”. But how? What are the options? Basically there are four ways to go:
Option #1: CSV Export
Create a report in your client-side tracking tool of choice and export the data. In Splunk, upload the data (“Manager > Add Data > From files and directories”) and voila, you may now visualize and correlate to your heart’s content.
Pros: Easy and fast access to Splunk’s correlation, visualization, and analysis features.
Cons: Not automated, not real-time, and limited access to the data.
Option #2: Automatic CSV Export
Some client-side tracking tools allow for automated generation of CSV reports and sent to a folder via FTP. In those cases, you just point Splunk to the folder in question (“Manager > Add Data > From files and directories”).
Pros: Automated access to Splunk’s correlation, visualization, and analysis features.
Cons: Not real-time, and limited access to the data.
Option #3: API
Pros: Automated access to Splunk’s Splunk’s correlation, visualization, and analysis features and (depending on the client-side tool’s API) possibly less limited access to the source data.
Cons: Not real-time.
Option #4: Capture at the Source
Pros: Real time, automated, full access to the data, and of course, Splunk’s correlation, visualization, and analysis features.
Whatever method you use, you’ll find that once the data is in Splunk, you’ll be in a whole different universe of flexibility and insight. When you have an aha moment, will you share it with us? Email me at email@example.com. I’d love to hear about the creative, innovative ways you’re using the data you already have to better understand your users.