Latest version: 2.1

Sideview Web Analytics

With the Web Analytics app you can simply walk your data, from a list of clientips you can drill in on a particular clientip for a detail view, then click a link from that detail view to see the list of useragents from that clientip. This screenshot shows the upper half of a 'useragent list' view.   Next »
Here we see a detail view. Each link and each bar on the chart is clickable and leads to another list view or detail view.   Next »

App Details

Latest version: 2.1
Last updated: March 13th, 2013
First released: March 21 2011
CIM compliance: N/A

Create a new report, drill down, repeat…

This app offers a completely different approach to searching and reporting over access logs. Instead of having dozens of prepackaged dashboards showing you the same charts you can see in other analytics tools, Sideview Web Analytics just puts you in the driver’s seat and you can use its simple intuitive interfaces to slice up the data in any way you like. If you want to just see the traffic over time split by status, it’s easy. If you want to drill down several times and see why so many Belgian’s were on the site yesterday, what URL’s they were looking at, what referer they came in on… well all that is just as easy.


The most revolutionary thing that distinguishes Sideview Web Analytics from other Splunk apps you might have seen, is that when you drill down from a complex report, you’re never taken to the raw events. While the terms you click on do get entered into the form fields automatically, you’ll actually remain in the reporting interface. In other words you never get kicked out of that driver’s seat which means you can just keep clicking and keep drilling down, and keep pivoting around and learning things from your data. On the other hand for the more advanced users who *want* to go down to the raw nuts and bolts of the Splunk search language, the app gives you links to break out of the pretty UI and see the raw searches. Drive the car or look under the hood, it’s your choice.

Note that the app can also be integrated with other Splunk apps that offer geolocation functionality so it’s as easy to create reports by city and country as it is by clientip and useragent.

Supported Sourcetypes

Note that out of the box the app is designed to work only with the common “access” sourcetypes. If you would like to analyze IIS logs, or BigIP logs, just contact us and we can help you set that up. We get these requests a lot so in the long term we are planning on expanding the support out of the box to include these other common sourcetypes. Note that you can help us get there faster if you’re willing to share sample logs from your systems.


A license for the full version of the app is $1000 for a 2 year enterprise license.  Contact us with any questions, and make sure to take the 90 day trial for a test drive today.