TIPS & TRICKS

Dashboard Digest Series: Episode 7 – Iron Splunk

Welcome to Episode 7 of the Dashboard Digest series!

This is an exciting post for me today as a few days ago was my 5-year anniversary with Splunk! Well, that and I completed a bucket list item which is part of this post and the dashboards. Let me explain...

Five years ago I set out to do a full Ironman. In fact, 5 years ago a question during my interview with Splunk was: "What is your biggest goal this year?" and I answered "an Ironman!". Sadly, shortly after this interview I suffered a severe ankle sprain that permanently destroyed cartlidge between my leg and foot. The next 5 years equated to multiple ankle surgeries and 4 years of on-and-off physical therapy. It hasn't been fun but alas, I’ve made progress.

This past Sunday, however...I completed the Boulder Ironman!

The run portion wasn't pretty given the 97-degree heat, but I did it. And what better way to document that journey than to Splunk it!

Today I'll show you a dashboard that documents my 6-month training journey and uses the Status Indicator Custom Visualization, Link Switcher and Event Annotation which was added in Splunk 7.0. The first question many of you might have is why wouldn't you just use Strava? Well, I did, but Strava didn't have an input for beer consumption during training OR have the ability to build analytics ANY WAY I want it. As for getting the data in, the good news is you can use the Add-on Builder to automatically poll Strava's API to get the information in to Splunk constantly and the Lookup Editor App to manually input any other information you'd like.  

Purpose: Create an easy and flexible way to track exercise/training stats in Splunk
Splunk Version: Splunk 7.1
Data Sources: Data from Strava's API, manual input into Lookup Editor App
Apps: Lookup Editor, Add-on Builder, Status Indicator Custom Visualization, Dashboard Examples
Related Posts: Scroll to bottom of page

Let’s get started with getting the data in. If you haven’t already used the Add-on Builder to get REST API (and more) information into Splunk, you’ve been missing out! It makes getting this kind of data into Splunk exceptionally easier than before.  

I simply downloaded and installed the App, clicked “New Add-on” and followed the steps. Adding a logo is easy as well—I simply picked Strava’s main icon.

The main step involves finding the right API call to get the information you want. After creating my developer account and getting an access token, I then browsed through Strava’s API Docs to find the URL I needed to get activity information back. Next, I plugged this information into the add-on builder and hit “Test” to see the results. It worked!

Finished. Now you just enable the input you created and you’re off. I checked my index to see if information started coming in, and success! Time to start building dashboards. Well, almost...

The other data I wanted to use comes from manual entry. This could be anything, and in my case, I wanted to track some other variables along my journey such as injury notes, vacations, beverages consumed and more. The Lookup Editor is a perfect way to update static data sets as a .csv file. Before I started polling Strava, I was manually putting my exercise information in here as well as you can see below. Note the vacation and “beverage consumption” entries—these will be used for Event Annotation in the dashboards which you’ll see soon.

Okay, NOW we're ready for some dashboards. The goal was to make a simple but flexible dashboard to view training activity and trends, and overlay certain events. It's nothing fancy, but the use of Event Annotation and Link Switcher might be something you're interested in adding to your own dashboards.

Let’s start with the Status Indicators. These are useful for adding some additional context to your single values; in this case, it helps show which sport the value is associated with. I find it easier and more intuitive to understand than just having to read text in the title, and they can also change colors of the icon itself in real-time using conditional statements in your Splunk search. I made the colors match the data in the charts below to make it visually easier to connect the activities. This top bar is meant to show overall miles by activity in the 6 months of training.

Next, I wanted to break things down over time and add some overlays and trends. The different form inputs help update the chart to my liking. For example, do I want to see all activities at once? Do I want to show total duration of activities or the distance traveled? And how about that integral part of my training involving my favorite beverage? ;)

You can find out how to build and use these form inputs from the Dashboard Examples app. This app will show you everything you need to know in creating these—I highly recommend you download! I also provided a time span option to change the chart from 1-day to 3-day to 1-week intervals.

Let’s hit that beer button. This replaces the overall exercise duration trend overlay with beer consumed amounts per day using the right y-axis. 

If you can’t tell, I didn't give up beer drinking throughout this journey; I enjoy it too much, and...it has carbs right?! To add chart overlays like this, check out the example in the Dashboard Examples app.

How about those dotted lines you see? Event Annotation is a great way to overlay specific events in time on your charts. The blue and orange events were some long vacations where I found it difficult to maintain training. (I think I needed the rest anyways). The black one however was an unplanned knee injury—I’m thinking from over-use on the bike during some climbs. We can see the effect on subsequent training from there; it definitely put a dent in my plan. Changing the time span to 1 week and hovering over the event annotations, we can see what happened to my total exercise time during these periods. Luckily, the knee injury wasn’t too serious but still put me back a bit in training.

Vacation: Skiing in Japan I wasn’t able to maintain my exercise plan. Oh well, it was worth it!

Knee Injury: I think I increased my mileage and elevation too fast in biking, thus hurting my knee.

One way or another, it was quite a journey and I’m glad it's over with. I hope you enjoyed the post and can take advantage of the Form Inputs, Status Indicators and Event Annotation in your own dashboards! If you haven’t already be sure to check out the previous posts in the Dashboard Digest Series below.

Happy Splunking!

 


Related reads:

Dashboard Digest – Episode 1

Dashboard Digest – Episode 2 – Waves

Dashboard Digest – Episode 2 Part Deux – Hurricane Matthew

Dashboard Digest – Episode 3 – Splunk HQ Water and Energy

Dashboard Digest – Episode 4 – NFL Predictions

Dashboard Digest – Episode 5 – Maps!

Dashboard Digest – Episode 6 – Traveling on Time with Trellis

Dashboard Digest – Episode 6 – Traveling on Time with Trellis Part Deux

Stephen Luedtke
Posted by

Stephen Luedtke

Stephen Luedtke is a Technical Product Marketing Manager at Splunk. Prior to this role he served as a Professional Services consultant working with customers on Splunk architecture, design, implementation, dashboarding, and training. Before joining us, Stephen served as a Systems Engineer for Mission Critical Networks within Harris Corporation from 2006 to 2013 and specializes in telecommunications, network systems and business analytics. Stephen holds a B.S. in Computer Engineering and M.S. in Professional Engineering Management.

Join the Discussion