In the past few years I’ve been getting into IOT. You may have seen tweets or blog about the Tech-Turkey project I’ve been working on or flame throwing pumpkins at Halloween. I’ve learned and used Arduinos, Raspberry Pi’s, and Particle Photons and Electrons. It has been fun to learn more and get into the connected world… the internet of things!
I’ve been keeping ServoCity in business and even recently worked to get a custom PCB created. Every step of the way I’ve been learning different things and realizing just how much more there is to learn. Recently I’ve started learning more about Splunk.
What is Splunk If you don’t already know what Splunk is, Splunk is a software company based in San Francisco that produces software for searching, monitoring, and analyzing machine generated big data via a web style interface. Splunk’s software helps organizations with operational intelligence, log management, application management, enterprise security and compliance.
Side note: In my first exploration into Splunk I wrote a blog about using Splunk with DNN that may interest you.
Particle & SplunkDNN is a web application, but what if I wanted to get data from an IOT device? That’s when we call on Particle. If you’re not familiar with Particle, it makes it really easy to bring real world objects online. Particle is one of my favorite IOT platforms. It makes awesome microcontrollers, provides a nice IDE, has awesome documentation, and a great community. Connecting to Particle’s cloud is straight forward and even southerners can do it! See my presentation at our user group on DNN & Particle.
If you’re not familiar with Splunk, it makes it really easy to pull in data (machine data) and make sense of it. I’m talking about parsing vast amounts of data, creating visualizations and/or alerts and making it simple to understand. Even southerners can use it too!
Both Particle and Splunk are industry leaders and have some really big names behind their companies and as clients of their companies.
So why not bring Particle & Splunk together?
Reading Temperature with ParticleTo use the awesomeness that both solutions bring us we’ll first need to read the temperature and post it to a webservice. Here again, Particle makes this easy. I used a basic temperature reader in a bread board layout for this experiment.
Then, in Particle’s IDE I used the basic tutorial level code to read an analog value and post it to a Particle cloud variable. Cloud variables are accessible via web services. That is, I can make a GET request and parse the JSON object to get the data. Epic.
Now we were cooking with oil! The next step was to get this data into Splunk.
Getting Particle’s RESTful Data Into SplunkGetting RESTful data into Splunk is really straightforward thanks to Splunk’s extensibility. Splunk has an extensions gallery that can be found on the Apps and Ad-Ons sections of the Splunk website. I tell you this because ultimately, I followed a blog by Damien Dallimore on getting REST data into Splunk which used a modular input extension and that was all it took. I simply completed the required fields in the Splunk REST Modular Input as shown below.
After clicking save, the data from my Particle temperature reader was showing up in Splunk!
Creating Dashboards from the Particle DataOnce data shows up in Splunk you can literally perform any search query you want on the data and create/configure dashboards, panels, reports, alerts and more. Splunk is very powerful in this regard and scale to infinity. However, for this scenario I just wanted log the temperature over time from one device, as well as the temperature’s highest, lowest, and average. Splunk, again, made this very simple.
After clicking on the “result” field I created some visualizations and voila! Out popped some neat dashboards showing all my data in a way that’s easy to understand.
If you are like me, you kind of want to see things in action. So for those of you like me who are visual learners, here’s a quick video of the solution in action.
An IOT Combination That’s Hard to Beat!As you can see, both solutions are awesome and the opportunities are endless. Consider the possibilities here… Particle is easy to deploy and post data to the net and Splunk can easily connect, suck in data, and bring instant insights. The more data you give to Splunk the more knowledge you’re going to have. Splunk can handle this at scale too… I mean massive scale. Why not connect thousands of devices and pump all the data into Splunk and tune it to your liking! I believe that’s what they refer to as operational intelligence 😊 Now my mind is spinning with possibilities. Is yours?