Analysing your Apple Health Data with Splunk
The Apple Health App comes with some nice and quick standard graph views, but I want some more analysis and answers like:
- What was my first step with a iPhone
- How many steps did i do in total
- What is the average per day
- What was my highest day
- How does my steps, distance compare to last month or the same month last your (if available)
- How does my activity compare in the weekdays and weekend
- What is my most active hour on a day
- Is there an up going trend
- Are there outlier days
- How many Kilometers I walked
- ….
Export the Apple Health Data
First of all I need to export the data of the iPhone. This can be done in a couple simple steps:
- Start the Apple Health App
- Go to “Account Settings”, right upper corner.
- Click “Export Health Data”
- Click “Export”
- Wait for the preparing
- My choice was to Mail the data
- Save the attachment export.zip and unzip it
After the file was unzipped you should see two files; export.xml and export_cda.xml. For my analysis I will use the export.xml. Below a sample of single record rows for each of the three different standard Apple Health data points. In the export.xml file I also see some other types of data like “Clock”, “MyFitnessPal” and “Runkeeper”. These types are sharing data with the Health App, nice to know for other analysis 😆
|
1 2 3 |
<Record type="HKQuantityTypeIdentifierStepCount" sourceName="John’s iPhone" sourceVersion="10.1.1" device="<<HKDevice: 0x17028f0f0>, name:iPhone, manufacturer:Apple, model:iPhone, hardware:iPhone8,1, software:10.1.1>" unit="count" creationDate="2016-11-24 10:13:55 +0200" startDate="2016-11-24 09:55:10 +0200" endDate="2016-11-24 09:55:33 +0200" value="26"/> <Record type="HKQuantityTypeIdentifierFlightsClimbed" sourceName="John’s iPhone" sourceVersion="10.1.1" device="<<HKDevice: 0x170c92750>, name:iPhone, manufacturer:Apple, model:iPhone, hardware:iPhone8,1, software:10.1.1>" unit="count" creationDate="2016-11-24 12:02:37 +0200" startDate="2016-11-24 11:15:37 +0200" endDate="2016-11-24 11:15:37 +0200" value="1"/> <Record type="HKQuantityTypeIdentifierDistanceWalkingRunning" sourceName="John’s iPhone" sourceVersion="10.1.1" device="<<HKDevice: 0x170a99c30>, name:iPhone, manufacturer:Apple, model:iPhone, hardware:iPhone8,1, software:10.1.1>" unit="km" creationDate="2016-11-24 10:13:55 +0200" startDate="2016-11-24 09:55:10 +0200" endDate="2016-11-24 09:55:33 +0200" value="0.01788"/> |
Transform Apple Health data from XML to CSV
For transfrom the Apple Health data I found a nice python script on GitHub named applehealthdata.py created by Test-Driven Data Analysis, this script will do the trick. Copy the script or clone it from GitHub and run it as below.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 |
$ python applehealthdata.py export.xml Reading data from export.xml . . . done Tags: ExportDate: 1 Me: 1 Record: 37523 Workout: 9 Fields: HKCharacteristicTypeIdentifierBiologicalSex: 1 HKCharacteristicTypeIdentifierBloodType: 1 HKCharacteristicTypeIdentifierDateOfBirth: 1 HKCharacteristicTypeIdentifierFitzpatrickSkinType: 1 creationDate: 37532 device: 33844 duration: 9 durationUnit: 9 endDate: 37532 sourceName: 37532 sourceVersion: 37532 startDate: 37532 totalDistance: 9 totalDistanceUnit: 9 totalEnergyBurned: 9 totalEnergyBurnedUnit: 9 type: 37523 unit: 37330 value: 37524 workoutActivityType: 9 Record types: ActiveEnergyBurned: 51 BodyMass: 47 BodyMassIndex: 1 DietaryCalcium: 238 DietaryCarbohydrates: 238 DietaryCholesterol: 238 DietaryEnergyConsumed: 238 DietaryFatMonounsaturated: 238 DietaryFatPolyunsaturated: 238 DietaryFatSaturated: 238 DietaryFatTotal: 238 DietaryFiber: 238 DietaryIron: 238 DietaryPotassium: 238 DietaryProtein: 238 DietarySodium: 238 DietarySugar: 238 DietaryVitaminC: 238 DistanceWalkingRunning: 15647 FlightsClimbed: 2380 Height: 1 SleepAnalysis: 193 StepCount: 15633 Opening /DataAnalysis/python/AppleHealthData/DietaryCalcium.csv for writing Opening /DataAnalysis/python/AppleHealthData/SleepAnalysis.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietaryCholesterol.csv for writing Opening /DataAnalysis/python/AppleHealthData/FlightsClimbed.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietaryFiber.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietaryFatPolyunsaturated.csv for writing Opening /DataAnalysis/python/AppleHealthData/BodyMass.csv for writing Opening /DataAnalysis/python/AppleHealthData/DistanceWalkingRunning.csv for writing Opening /DataAnalysis/python/AppleHealthData/StepCount.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietaryCarbohydrates.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietaryEnergyConsumed.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietaryPotassium.csv for writing Opening /DataAnalysis/python/AppleHealthData/BodyMassIndex.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietaryFatTotal.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietaryFatSaturated.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietaryVitaminC.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietarySodium.csv for writing Opening /DataAnalysis/python/AppleHealthData/Height.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietaryFatMonounsaturated.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietaryProtein.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietarySugar.csv for writing Opening /DataAnalysis/python/AppleHealthData/ActiveEnergyBurned.csv for writing Opening /DataAnalysis/python/AppleHealthData/DietaryIron.csv for writing Written DietaryCalcium data. Written SleepAnalysis data. Written DietaryCholesterol data. Written DietaryIron data. Written FlightsClimbed data. Written DietaryFiber data. Written DietaryFatPolyunsaturated data. Written BodyMass data. Written DistanceWalkingRunning data. Written StepCount data. Written DietaryCarbohydrates data. Written DietaryEnergyConsumed data. Written DietaryPotassium data. Written DietaryFatTotal data. Written DietaryFatSaturated data. Written DietaryVitaminC data. Written DietarySodium data. Written Height data. Written DietaryFatMonounsaturated data. Written DietaryProtein data. Written DietarySugar data. Written ActiveEnergyBurned data. Written BodyMassIndex data. $ |
This is how the first rows look like from the StepCount.csv file:
|
1 2 3 4 5 6 7 8 9 10 11 12 |
$ head StepCount.csv sourceName,sourceVersion,device,type,unit,creationDate,startDate,endDate,value "John’s iPhone","10.1.1","<<HKDevice: 0x17028f0f0>, name:iPhone, manufacturer:Apple, model:iPhone, hardware:iPhone8,1, software:10.1.1>","StepCount","count",2016-11-24 10:13:55 +0200,2016-11-24 09:55:10 +0200,2016-11-24 09:55:33 +0200,26 "John’s iPhone","10.1.1","<<HKDevice: 0x17028f960>, name:iPhone, manufacturer:Apple, model:iPhone, hardware:iPhone8,1, software:10.1.1>","StepCount","count",2016-11-24 10:13:55 +0200,2016-11-24 10:10:09 +0200,2016-11-24 10:11:11 +0200,114 "John’s iPhone","10.1.1","<<HKDevice: 0x17028e6a0>, name:iPhone, manufacturer:Apple, model:iPhone, hardware:iPhone8,1, software:10.1.1>","StepCount","count",2016-11-24 10:13:55 +0200,2016-11-24 10:11:11 +0200,2016-11-24 10:12:13 +0200,105 "John’s iPhone","10.1.1","<<HKDevice: 0x17028df20>, name:iPhone, manufacturer:Apple, model:iPhone, hardware:iPhone8,1, software:10.1.1>","StepCount","count",2016-11-24 10:13:55 +0200,2016-11-24 10:12:13 +0200,2016-11-24 10:13:19 +0200,25 "John’s iPhone","10.1.1","<<HKDevice: 0x17028bbd0>, name:iPhone, manufacturer:Apple, model:iPhone, hardware:iPhone8,1, software:10.1.1>","StepCount","count",2016-11-24 10:49:04 +0200,2016-11-24 10:13:19 +0200,2016-11-24 10:22:42 +0200,108 "John’s iPhone","10.1.1","<<HKDevice: 0x1702904a0>, name:iPhone, manufacturer:Apple, model:iPhone, hardware:iPhone8,1, software:10.1.1>","StepCount","count",2016-11-24 10:49:04 +0200,2016-11-24 10:33:57 +0200,2016-11-24 10:42:33 +0200,89 "John’s iPhone","10.1.1","<<HKDevice: 0x17428d4d0>, name:iPhone, manufacturer:Apple, model:iPhone, hardware:iPhone8,1, software:10.1.1>","StepCount","count",2016-11-24 12:02:37 +0200,2016-11-24 10:42:33 +0200,2016-11-24 10:52:32 +0200,329 "John’s iPhone","10.1.1","<<HKDevice: 0x174289880>, name:iPhone, manufacturer:Apple, model:iPhone, hardware:iPhone8,1, software:10.1.1>","StepCount","count",2016-11-24 12:02:37 +0200,2016-11-24 11:07:47 +0200,2016-11-24 11:17:12 +0200,284 "John’s iPhone","10.1.1","<<HKDevice: 0x174290180>, name:iPhone, manufacturer:Apple, model:iPhone, hardware:iPhone8,1, software:10.1.1>","StepCount","count",2016-11-24 12:02:37 +0200,2016-11-24 11:22:00 +0200,2016-11-24 11:30:54 +0200,89 $ |
Finally I have export and transformed the data and can I do some analysis.
This post is not going in detail to install, setup and configure Splunk. If you had some questions about the details contact me with the social media icons on the right lower corner on my site.
Splunk
I created a new index (apple) and a new App (Apple Health). For now I will only add the StepCount.csv and DistanceWalkingRunning.csv data to the apple index.
New Index:
Select Settings > indexes > New index
- Index name (apple)
- Save
New App:
Select Apps > Manage Apps > Create App
- Name (Apple Health)
- Folder Name (apple_health)
- Save
Upload data:
Splunk works time based and needs a timestamp of the data when it is indexed. The “endDate” is one of the field headers of StepCount.csv.
I want to setup a new souretype “csv:apple:health” with the “endDate” as TIMESTAMP_FIELDS, because Splunk was not recognised the timestamp or choses one of the three timestamps from the data and I want control of which timestamp will be used.
Select Settings > Add Data (icon) > Upload > Select File
Next > Change timestamp > Advanced >
- Timestamp field (endDate)
- Save as (csv:apple:health)
- Next
- Host field value (change to the value of the host where the data is coming from, in my case johns_iphone)
- Index (apple)
- Review
- Submit
The data is indexed and lets run the first search in SPL (Splunk’s Search Processing Language), and answer some of the above questions.
What was my first step with the iPhone
|
1 2 |
index="apple" sourcetype="csv:apple:health" source="StepCount.csv" host="johns_iphone" | stats earliest(_time) As _time |
Let’s save it to a dashboard panel. This is the first panel we wil saving, so there is no existing dashboard, switch to new and create it directly, the next time we only have to choose existing.
How many steps did i do in total
|
1 2 |
index="apple" sourcetype="csv:apple:health" source="StepCount.csv" host="johns_iphone" | stats sum(value) As TotalSteps |
Save it to your dashboard.
What is the average per day
|
1 2 3 |
index="apple" sourcetype="csv:apple:health" source="StepCount.csv" host="johns_iphone" | timechart span=1d sum(value) as value | stats avg(value) AS AverageStepsPerDay |
Save it to your dashboard.
What was my highest day
|
1 2 3 4 5 6 |
index="apple" sourcetype="csv:apple:health" source="StepCount.csv" host="johns_iphone" | timechart span=1d sum(value) as value | eventstats max(value) as maxvalue | where value=maxvalue | eval date=strftime(_time,"%A %d %B %Y") | fields date |
Save it to your dashboard.
How does my steps, distance compare to last month or the same month last your (if available)
I do not have multiple year data so I can not compare the years, but if you have you can do the following. change span=1d to 1mon and group by date_year.
|
1 2 |
index="apple" sourcetype="csv:apple:health" source="StepCount.csv" host="johns_iphone" | timechart span=1mon sum(value) as value by date_year |
How does my activity compare in the weekdays and weekend
|
1 2 3 4 5 6 7 8 |
index="apple" sourcetype="csv:apple:health" source="StepCount.csv" host="johns_iphone" | stats sum(value) AS Value by date_wday | eval Weekend=if(date_wday="saturday" OR date_wday="sunday",Value,null()) | eval Weekday=if(date_wday!="saturday" AND date_wday!="sunday",Value,null()) | table date_wday Weekday Weekend | eval wd=case(date_wday=="monday",1, date_wday=="tuesday",2, date_wday=="wednesday",3, date_wday=="thursday",4, date_wday=="friday",5, date_wday=="saturday",6, date_wday=="sunday",7) | sort wd | fields - wd |
Go to the visualisation tab and change the visualisation to Bar chart, and do some formating.
Select Format > Stack mode > stacked
Save it to your dashboard.
What is my most active hour on a day
For this one it’s more visible for using a visualisation add-on.
Select App: Apple Health > Find more Apps
If you have internet connection from your Splunk machine you will be on the Splunk Apps Browser. Search for Punchcard and install it with your Splunk account. After the installation we have a new visualisation installed we will use.
|
1 2 |
index="apple" sourcetype="csv:apple:health" source="StepCount.csv" host="johns_iphone" | stats sum(value) as value by date_hour date_wday |
Change your visualisation to Punchcard.
Save it to your dashboard.
Is there an up going trend
For this one we want to do Linear Regression. For doing that we will create a macro, to mask the complexity of the underlying search. For creating the marco you need to go to:
Select Settings > Advanced search > Search Macros > New
And follow the steps on wiki.splunk.com.
|
1 2 3 4 5 6 |
index="apple" sourcetype="csv:apple:health" source="StepCount.csv" host="johns_iphone" | timechart sum(value) as value span=1d by source | rename StepCount.csv AS Steps | `lineartrend(_time,Steps)` | fields _time Steps newY | rename newY AS Trend |
Change the visualisation back to Line Chart.
Are there outlier days
Also for this one we need another visualisation, the used viz is inside a Toolkit with the name Machine Learning Toolkit. We must also install the Python for Scientific Computing Add-on before installing the Machine Learning Toolkit. Choose your appropriate version on the details tab and install both.
If everything go well you can choose between another five visualisations on the visualisation tab.
|
1 2 3 4 5 6 7 8 |
index="apple" sourcetype="csv:apple:health" source="StepCount.csv" host="johns_iphone" | timechart span=1d sum(value) as Value | eventstats median("Value") as median p25("Value") as p25 p75("Value") as p75 | eval IQR=(p75-p25) | eval lowerBound=(p25-(IQR*1.5)) | eval upperBound=(p75+(IQR*1.5)) | eval isOutlier=if('Value' < lowerBound OR 'Value' > upperBound, 1, 0) | table _time Value lowerBound upperBound |
Change the visualisation to Outliers Chart.
How many Kilometers I walked
|
1 2 |
index="apple" sourcetype="csv:apple:health" source="DistanceWalkingRunning.csv" host="johns_iphone" | stats sum(value) AS KM |
Finally
With some rearrangement on the dashboard and adding extra add-ons and some filters you finally have a complete dashboard of your Apple Health Step Data.
Installed add-ons
Have fun with playing around as you can do a lot more with the Apple Health data, maybe you have a HeartRate.csv or SleepAnalysis.csv. If you have questions do not hesitate to contact me with one of the social media icons on my site.
The Splunk App I created is available on my GitHub.
I will share other tools (e.q. Python, R or Tableau) as soon as possible on my blog with this data. Stay tuned for the posts.
I’m creative, imaginative, free-thinking, daydreamer and strategic who needs freedom, peace and space to brainstorm and to fantasize about new and surprising solutions. Generates ideas and solves difficult problems, sees all options, judges accurately and wants to get to the bottom of things.
Interested in Data Science, Data Analytics, Running, Crossfit, Obstacle Running and Coffee.
One comment on “Analysing your Apple Health Data with Splunk”
Comments are closed.