Menu
This is an easy-to-follow tutorial for charting battery usage on your Mac laptop with a small shell script and Splunk. Watching your battery charge is as exciting as watching paint dry, but analyzing it over time is pretty interesting. You may discover a few things about the software you run – like it eats your battery’s amps for desert.
- Should I Download Free Splunk On Mac Or Linux Download
- Should I Download Free Splunk On Mac Or Linux Mac
- Should I Download Free Splunk On Mac Or Linux Windows 7
- Should I Download Free Splunk On Mac Or Linux Download
- Should I Download Free Splunk On Mac Or Linux Windows 10
- Should I Download Free Splunk On Mac Or Linux Windows 10
Free Splunk Light Download. Splunk Light is a comprehensive solution for small IT environments that automates log search and analysis, as well as server and network monitoring. Centrally collect and index all of your log data including syslogs, event, web and IIS logs regardless of format or location. Should I reinstall on Linux? So I installed Splunk Light on a Windows Server 2012 VM a couple weeks ago to play with it. Ended up liking it and buying a license to upgrade to Enterprise, partly because I wanted to be able to use the eStreamer app with our Cisco Firepower system. From Splunk® App for Unix and Linux Install and Use the Splunk App for Unix and Linux 5.2.0 document - Splunk also uses configuration files to configure itself. When Splunk initializes, it finds all of the configuration files located in the Splunk directory and merges them to build a final 'master' configuration, which it then runs on.
A friend of mine, Sean Dick, showed me a version of this idea using Splunk on Linux and a program called ‘apci’. As I’m a Mac fanboy of sorts, I dug up a shell script for the Mac that will print out a single logfile-like line containing laptop battery information, including amp draw, amp-hours left, and more. It’s aptly named ‘battery’, and you can download it here.
Should I Download Free Splunk On Mac Or Linux Download
I suggest you put battery in a directory under your home directory, say something called ‘scripts’. Head into ‘terminal’ to start the dirty work.
Here’s an example output line from ‘battery short’:
G4:~ kord$ ./scripts/battery short
2007-10-07 18:34:27 1 _________i__ 11.232V -1.454A 2.788Ah of 4.720Ah (59.1%) of 4.400Ah (107.3%) 13 cycles
The line of underscores with an ‘i’ in it are the battery flags set. ‘i’ means my battery is installed. Duh. Other flags include whether the lid is closed, the battery is on fire, or it’s just on the charger. See the battery.rtf file for more information on the flags. I have a G4 laptop, but just got my battery replaced for free! Only 13 cycles on it so far!
Should I Download Free Splunk On Mac Or Linux Mac
Splunk eats logfiles, so you’ll need to get a logfile rolling on your battery output. I’m going to assume you know how to use vi (text editor) do the rest of this work.
You’ll need to set up a cronjob to create the logfile and continue logging to it every so often. Switch to root and create a logfile for battery in /var/log:
Download xcode.
G4:~ kord$ su
Password:
G4:/Users/kord root# cd /var/log
G4:/var/log root# touch battery.log
G4:/var/log root# chown kord battery.log
G4:/var/log root# ls -la battery.log
-rw-r--r-- 1 kord wheel 0 Oct 7 18:45 battery.log
G4:/var/log root# exit
G4:~ kord$
Now use ‘crontab -e’ and put in a line that looks something like the second line of this:
G4:~ kord$ crontab -l
* * * * * /Users/kord/scripts/battery short >> /var/log/battery.log
That will cause the battery script to run once a minute and append it to the battery.log file in the log directory. After a few minutes tail the logfile with ‘tail /var/log/battery.log’ and make sure you’ve got data in there. Also, I’ve edited my own crontab, but you could elect to do it as root (thus skipping the chown step above).
Obviously you will need Splunk installed to chart the battery usage out of the logfiles. If you haven’t installed it already, there’s a free version up on the website you can download. Follow the instructions for installing it on OSX.
Assuming that you installed Splunk in in ‘/Applications/splunk/’ you can do the following to start it: Iskysoft free video downloader for mac full version.
Should I Download Free Splunk On Mac Or Linux Windows 7
G4:~ root# cd /Applications/splunk
G4:/Applications/splunk root# export SPLUNK_HOME='/Applications/splunk/'
G4:/Applications/splunk root# ./bin/splunk start
Now you’ll need to download my addon for Splunk, which is basically a bundle of configuration files. For reference, I also put the battery script in the tar file, along with an example crontab file. To get the bundle in the right place, start by un-taring it:
G4:~ kord$ tar xvfz battery.tar.gz
battery/
battery/addon.conf
battery/bin/
battery/bin/battery
battery/bin/battery.rtf
battery/bin/crontab.example
battery/props.conf
battery/screenshot.jpg
battery/transforms.conf
Now move it to the correct location in Splunk’s directory:
G4:~ kord$ su
Password:
G4:/Users/kord root# mv battery /Applications/splunk/etc/bundles/
And restart Splunk now:
G4:/Users/kord root# /Applications/splunk/bin/splunk restart
We’ll spend the rest of our time in a browser, using Splunk’s kick-ass web interface.
If you left the default port alone, you should be able to fire up Firefox and hit http://localhost:8000 and see the initial login screen (or not if you are using the free version). I’ll leave the particulars of getting to the initial search interface on Splunk to you.
Add the battery.log file to the list of files Splunk monitors. Click on ‘admin’, then click on the ‘data inputs’ tab. Click on the ‘Add input’ link to the right of ‘Files & Directories’ at the bottom. Leave the data access to ‘tail’ and give the full path to the logfile – ‘/var/log/battery.log’ in my example above. Host can be constant, DNS name doesn’t matter, and set the source type pulldown to ‘_battery’. Remember, this sourcetype won’t be in the list until you install the battery bundle.
Click on ‘add’ to add the source type. Go get a cup of coffee while Splunk eats this and other files on your computer and builds the index.
Back from the caffeine, you should now click on the ‘splunk>’ logo at the top left. Type in the following in the search bar, sans the quotes: ‘source::/var/log/battery.log’. Click on the ‘fields’ pulldown on the left and check a few extracted fields, such as battery_ah_remaining, battery_draw, battery_percent, and battery_volts. Click on ‘fields’ again to close and reload with the extracted fields showing.
You should get something that looks like this:
If you have about an hour’s or so data logged, try entering ‘source::/var/log/battery.log | timechart avg(battery_draw)’ in the search box at the top to generate a report for the last 60 minutes.
Here’s what my amp draw looks like for the last 3 hours:
The move ‘up’ in the graph halfway through is actually a drop in amps drawn on the battery when I restarted Firefox. The cause? Firefox had a Flash game running in another tab, and it had eventually heated up the processor enough to kick on the fans!
Here’s another one, showing the evidence of me having a newer battery installed – almost five hours of continuous usage after 4PM, with only a few screen sleeps:
Should I Download Free Splunk On Mac Or Linux Download
It’s interesting how the laptop charges at a rate almost the same as it discharges. It preserves battery life doing it that way, especially with the new lithium-polymer batteries.
See what else you can dig up about your battery. Try charting with some of the flags that are set – like how often the charger is on the laptop, or what the draw rate is if you have the screen clamshell closed.
Splunk Light is a comprehensive solution for small IT environments that automates log search and analysis, as well as server and network monitoring. Centrally collect and index all of your log data including syslogs, event, web and IIS logs regardless of format or location.
Speed tactical troubleshooting by gathering real-time log data from your distributed systems and networks—all in one place. This enables powerful search queries, dynamic alerts and visual dashboards for real-time reporting and analysis.
Should I Download Free Splunk On Mac Or Linux Windows 10
- Universal collection, indexing and correlation of machine data, from virtually any source - event logs, syslogs, web logs, network and IIS logs
- Faster identification of security violations and resolution of website and network performance issues with powerful search and visualization
- Build dashboards around security compliance, clickstream data and website transaction failures
- Maximize uptime of network, operational and e-commerce servers with real-time alerts
* Existing Splunk Enterprise users should install Splunk Light on a separate machine.
** The $3 per day price is based on an annual license fee of US $900 for indexing up to 1 gigabyte of data per day using Splunk Light Software, and an annual subscription fee of US $1,080 for indexing up to 1 gigabyte of data per day using Splunk Light Cloud Service.
Splunk Light Product Tour (3:42 min)
- Compare ProductsSplunk Light vs. Splunk Enterprise
- Learn MoreSplunk Light
OS version
2.6+ kernel Linux distributions (64-bit)
Release Notes
splunklight-7.3.4.2-cb574b3d103e-Linux-x86_64.tgzsplunklight-7.3.4.2-cb574b3d103e-linux-2.6-amd64.debsplunklight-7.3.4.2-cb574b3d103e-linux-2.6-x86_64.rpmRelease Notes
Should I Download Free Splunk On Mac Or Linux Windows 10
OS version
OSX 10.12 (Intel) OSX 10.13 (Intel) OSX 10.14 (Intel)
Release Notes
splunklight-7.3.4.2-cb574b3d103e-darwin-64.tgzsplunklight-7.3.4.2-cb574b3d103e-macosx-10.11-intel.dmgRelease Notes
OS version
Windows 10 (64-bit) Windows Server 2012, 2012 R2, 2016 and 2019 (64-bit)
Release Notes
splunklight-7.3.4.2-cb574b3d103e-x64-release.msiRelease Notes
OS version
Windows 10 (32-bit)
Release Notes
splunklight-7.3.4.2-cb574b3d103e-x86-release.msiRelease Notes