Skip to main content


Splunk Lantern

Mobile device data


Given the array of always-active sensors on mobile devices, these devices provide a flood of data. Security teams can expand the threat landscape by monitoring mobile device data for abnormal activity in regards to authentication, location, and application usage. Mobile device data provides physical parameters such as location, network MAC ID, device GUID, device type, and OS version. They also include network settings such as address, AP or cell-base station location, and link performance. Application-specific telemetry such as time in app, features used and internal state and debug parameters similar to those provided by conventional application servers. Insights into mobile application data can help developers deliver a better performing mobile app.

Before looking at documentation for specific data sources, review the Splunk Docs information on general data ingestion: 

Use cases for the Splunk platform