Hi, I want to map internal IP ranges (10.0.0.0/24, 192.168.0.0/16 etc.) to geo coordinates.
For example if my client ip is 192.168.75.2, it may lookup to some coordinates (lat or longitude).
Is it possible? and how? thanks
Yes, it's possible.
You just need to populate the contents of the _lat
and _lng
fields used by the Google Maps app. You can use a lookup to populate the fields.
You can populate those fields with a scripted lookup under 4.1, or Splunk 4.2 allows CIDR in CSV-based lookups .
Yes, it's possible.
You just need to populate the contents of the _lat
and _lng
fields used by the Google Maps app. You can use a lookup to populate the fields.
You can populate those fields with a scripted lookup under 4.1, or Splunk 4.2 allows CIDR in CSV-based lookups .
Please note that as of Google Maps 1.1 this has changed. A single field _geo
containing both the latitude and the longitude separated by a comma is now used as location information.
Not at present. It's been requested before. I believe that ziegfried was working on that at one point, but you might be better off asking this as a separate question.
It works!..
Thanks a lot.
By the way, in google map, can we drill down the event count in the map? (click the number in the map and then direct to search that event). I try it but cannot.
Thx