The smart home has gone through quite a convergence in the last few years. Modern protocols like Z-Wave & ZigBee, along with mart hubs, and smart assistants like Amazon Alexa, Google Home & Apple Siri are finally bringing everything together to make the smart home a practical and reliable reality.
What had been still missing from the picture for me, is the ability to log, analyze, and visualize all the data that my smart home generated. I use Splunk (data capture and visualization tool) at work so I decided to give it a try at home and it’s worked out great.
Here’s a Splunk dashboard I created for my home, showing current and historical data from multiple data sources: energy meter, contact sensors, switches, weather data feed, Windows event logs, and some custom PowerShell scripts.
My SmartThings-based smart home setup:
Download and install Splunk. You will start with the Enterprise version which comes with a 60-Day Trial. After that you can switch to the Free edition. Splunk Free allows indexing up to 500 MB of data per day which has been sufficient for my home logging needs. For my setup I installed Splunk on a 14-year old Windows box with a Intel Core2 Quad CPU Q6600 @2.40GHz – Splunk indexing/query performance has been pretty acceptable.
If your install was successful, you should be able to log into Splunk web by navigating to http://localhost:8000 (or replace localhost with your Splunk server hostname).
If you want to monitor other computers, install Splunk Universal Forwarder on each of those computers. I’ll go through how to configure the Universal Forwarders in a future post.
The Splunk HTTP Event Collector is how we are going to send SmartThings events to Splunk. Follow the directions here to set it up. For my setup, I unchecked “Enable SSL”. Make sure you create an Authentication Token and note it down – you will need it later.
Send a test event so you can confirm that it’s working.
curl -k https://localhost:8088/services/collector/event -H "Authorization: Splunk B5A79AAD-D822-46CC-80D1-819F80D7BFB0" -d '{"event": "hello world"}'
A very cool benefit of using Samsung SmartThings is the ability to create your own SmartApps, or re-use SmartApp code written by others in the community. To send SmartThings events to Splunk, we will use SmartThingsSplunkLogger SmartApp code by Jason Hamilton/Brian Keifer:
At this point, if everything is working correctly, you should start seeing some SmartThings events in Splunk. You may need to wait 15 minutes for events to start coming in.
Splunk is fairly easy to use/learn so you should be able to learn the basics pretty quickly. If you are new to Splunk, try going through the Splunk Search Tutorial.
To get you started here are a few of the Splunk queries I use for my dashboard panels.
For the Current Power Consumption Radial Gauge, I use “stats latest(value)” to display the latest value from the Aeotec HEM G2 whole house energy monitor. I also limit the Time Range to the last 60 minutes since I am only interested in very recent data.
sourcetype=httpevent name=power deviceId="118c2de8-3256-44a6-96bd-d1547715fc92"
| stats latest(value)
For the Power Draw History panel, I use the timechart command to show a historical chart:
sourcetype=httpevent name=power deviceId="118c2de8-3256-44a6-96bd-d1547715fc92"
| timechart p50(value)
For the “Indoor Temperature” panel, the query uses a “by” cause to chart multiple series, one from each device. All of these devices are either contact sensors or moisture sensors that also have a temperature sensor built in.
sourcetype=httpevent name=temperature
| timechart avg(value) by device
Weather panels such as “Outdoor Temperature”, “Outdoor Humidity”, “Wind Speed” and Rain use data from openweathermap.org’s weather REST APIs. I wrote a PowerShell script that runs hourly to pull the data and appends to a log file, which is forwarded to Splunk. I will cover this in a future blog post.
For the “Contact Sensors & Switches” panel:
sourcetype=httpevent (name=contact OR name=switch)
| eval valueInt = case(value = "closed","1", value="open","2", value = "on","2", value="off","1")
| stats latest(valueInt) by device
“CPU Load” and “Network Bytes per Sec” panels use data from Windows Event Logs.
CPU Load:
sourcetype="Perfmon:CPU Load" | timechart avg(Value) by host
Network Bytes:
sourcetype="Perfmon:Network Interface" (counter="Bytes Sent/sec" OR counter="Bytes Received/sec") | timechart sum(Value) by host
“WAN Speed” panel shows hourly Internet speed test results from a custom PowerShell script.
Hope this helps you to get started and move your smart home to the next level. In future posts, I will write more about installing and configuring Splunk Universal Forwarders, sending other types of data to Splunk, including Windows Events Log, weather data from openweathermap.org, and custom PowerShell scripts to log other data as well as querying Splunk data and send out alerts if certain conditions are met.
If SmartThings events are not showing up in Splunk try looking at SmartThings Live Logging logs. Log into SmartThings Groovy IDE then choose Live Logging menu. When a SmartThing event occurs (such as when a door contact sensor is tripped), you should see a log entry written:
To list available contexts: kubectl config get-contexts To show the current context: kubectl config current-context…
kubectl exec -it <podname> -- sh To get a list of running pods in the…
# Create a soft symbolic link from /mnt/original (file or folder) to ~/link ln -s…
git config --global user.name "<your name>" git config --global user.email "<youremail@somewhere.com>" Related Commands Show current…
TypeScript/JavaScript function getLastMonday(d: Date) { let d1 = new Date(d.getFullYear(), d.getMonth() + 1, 0); let…
I had to do some SMTP relay troubleshooting and it wasn't obvious how to view…
View Comments
hello Chinh Do,
Thank you so much for the article.
Hi Kafui: Thanks for leaving me a note. Glad you find the article useful! Chinh
Very cool, mister. I could imagine creating multiple of these dashboards and have old tablets mounted to the wall showing this data wherever it's needed.
Thanks for leaving me a note, Bjørn. Yes that's exactly what I did with an old tablet.
Hello Chinh,
Thank you for this tutorial. While I followed the steps and I am seeing the data flow thru SmartThings Live Logging, I am not seeing the data on the Splunk Enterprise side. I did test pushing data locally on the Splunk server using curl and that data is reflected in Splunk. What else could I be missing ?
I solved it. Hostname was not getting resolved for some reason, switched it to the IP address and it started working like a charm. Thanks
Hi Raja, Glad to hear you got it working. Chinh
Chinh, with smartthings switching over recently to processing things locally on the hubs and moving more to matter centric automation, my live logging is no longer visible on hub. Splunk is no longer logging the data. Have you found a workaround for this?
Hi Jay, Yeah I just saw that it stopped working around Jan 11 of this year. I haven't looked into it but when I have some time I will take a look. Thanks