It’s a Splunk > Thing.
Shortly after getting involved in the Splunk world I wanted to start Splunking everything I could think of. The first thing I tried was Montgomery County Traffic and Crime; all the data I needed was easily accessible through www.data.gov. I then learned that I could Splunk my car, a 2015 Jeep Grand Cherokee, and I was hooked on Splunking all things.
Before continuing, I should mention that I was able to complete this because of a third-party device called Automatic (www.automatic.com). Automatic is an adapter that plugs into most car’s diagnostic (OBD-II) port, which is typically located under the dash, and it unlocks the data from your car’s onboard computer. With this device, I now have all my cars logs being stored, and Splunk is able to utilize Automatic’s API to bring in all the data.
It’s incredible how quick and easy it is to bring years of drive logs into Splunk; there is an app built to do all the heavy lifting for you. The Splunk app store is filled with hundreds of free custom apps that either Splunk or a developer built. For almost anything you can think to Splunk, there is likely a solution online. Whether it is wrapped up for you in a Splunk app that contains pre-built visualizations with a simple download from splunkbase.splunk.com, or a written solution found on Splunk’s Q&A at answers.splunk.com.
With all my car data now in Splunk, I am able to create custom visualizations and alerts. For an easy example, I can map out all my drives onto a Google-like map and zoom into each one, clicking on it to show further details about that drive.
The car data also contains information about how many miles you drive and what your gas efficiency is throughout your drives. This allows you to calculate exactly how much money every drive costs. I am able to use this information to create a handy alert, which sends me an email as soon as I finished each drive. This email includes information such as the start time, end time, start address, end address, total duration, total fuel used, total fuel cost, average mpg, distance, number of hard accelerations, number of hard brakes, time spent driving over 70mph, 75mph, and 80mph, and much more.
Also, anytime the engine light comes on in my car, it creates a log and then comes into Splunk. These logs from the engine light contain helpful information such as the error code and description of the issue, so I can create another alert that sends an email to my mechanic with the information every time my engine light comes on. My mechanic can then let me know if this is something that I need to bring the vehicle in for, or if I can simply ignore it and turn the engine light off myself (with the Automatic device/app).
Follow along with the instructions below to learn how to Splunk you own car.
What you will need:
- A computer
- A car with an Automatic device (automatic.com)
- The device that I have is from their previous generation device, before they had Automatic Lite and Automatic Pro. All of the different device versions will work for this project.
Steps to download Splunk and install the Automatic app:
- Go to splunk.com and download Splunk enterprise for your computer
- Install Splunk Enterprise onto your computer
- Access Splunk from a web browser at http://localhost:8000
- Login to Splunk (default credentials will be admin:changeme) and update your password
- Go to Manage Apps
- If on the default launcher/homepage, click the gear icon in the top left next to ‘Apps’
- If on another page, you will see a dropdown in the top left next to the Splunk logo, click the dropdown and then click ‘Manage Apps’
- Click the green button ‘Browse more apps’
- In the search bar, type ‘Automatic’ and hit enter
- The first app listed should be the Automatic app by the author, Burch Simon.
- Click the green button to Install the app
- Type in your username and password for splunk.com (same account you used to download Splunk)
- Click button to Login and Install
- Once installation is completed you will need to restart Splunk, click the button to restart.
Steps to get access token from Automatic (for API):
- Navigate to developer.automatic.com.
- Log in with the same credentials you use for Automatic's Dashboards to log into the developer site.
- Select “My Apps” and fill out the form. Use http://www.splunk.com as your app and follow their instructions for obtaining access to their REST API endpoints.
- It takes a few hours for the Automatic developer team to register your App and send you an email with the relevant information to get started.
- For me, this was very quick
- Log back into the developer web page and your App will be displayed with the relevant information.
- Navigate directly to http://automatic-oauth-example-nodejs.herokuapp.com and type in your Automatic user credentials. Write down the access code shown to you.
Steps to finish Splunk setup:
- Log back into your Splunk instance.
- Click on Settings -> Data Inputs -> Automatic Car Data
- Select the ‘New’ button
- Add your access token to the input asking for it
- Click Next -> Save to save this data input
It may take a couple of minutes for Splunk to reach out to Automatic’s API and start bringing in all your drive logs. You can watch them come in by going to the Automatic app (top left dropdown by the Splunk logo) and clicking on ‘Search’ in the main menu. This will automatically perform the search for you to see your car logs, you can also switch the time picker on the right to ‘Real-time All time’ to watch them come into Splunk in real time.
Once you see your car data coming into Splunk, you can click over to the Launchpad, Geographic, and Fuel dashboards on the main menu to check out some pre-built dashboards and visualizations.
If you have any comments or problems getting this setup, please feel free to comment below and I will try to respond as soon as I can. I would also love to hear any other custom visualizations and/or alerts you create!