Splunk Search

Does the GoogleMap apps only work if Lat and Long has IP Information?

chienly
New Member

Hi,

Just wondering if anyone here knows if the GoogleMap apps can take in longitude and latitude data without any IP Addresses and still map them?

I just want to know if it can map a location directly with just the longitude and Latitude coordinates taken from a csv file?

Thanks,

-Chien

0 Karma

ziegfried
Influencer

Plotting events on a map does not depend on an IP address. The current version of the module needs the fields _lat (latitude) and _lng (longitude) to be available in the final results.

The content of the fields has to be the degrees of latitude/longitude as a floating point number, e.g. 47.11

Other notations (e.g. degrees°,minutes',...) are not supported.

The geonormalize command helps when the location information is not present in the _lat and _lng fields as it detects different patterns of field names where the information could be found and populates the _lat/_lng fields. When using the maps view (the default view of the app) or any other view where the module setting autoPostProcess is turned on, the geonormalize command is automatically added to the search.


Note: In the upcoming 1.1 release of the app, the module will use a single field called _geo containing the combined latitude and longitude information instead of the 2 fields (_lat and _lng). The values have to be separated by a comma. So for example a _geo field value of 47.11,8.15 would be valid.
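A pre-indexing check for the format rules in the answer above, as an added example that is not part of the original post and not the app's own code: it converts degrees/minutes/seconds values to decimal degrees, rejects out-of-range or non-numeric values, and writes _lat, _lng and the comma-separated _geo form. The input column names `lat` and `lng`, the function names and the sample rows are assumptions made for the illustration.

```python
import csv
import io
import re

# Degrees/minutes/seconds plus hemisphere letter, e.g. 47°6'36"N
DMS = re.compile(r"""^\s*(\d+)\s*°\s*(?:(\d+)\s*['′]\s*)?(?:(\d+(?:\.\d+)?)\s*["″]\s*)?([NSEW])\s*$""")

def to_decimal(value, limit, hemispheres):
    """Convert a decimal or DMS coordinate to decimal degrees; ValueError if unusable."""
    m = DMS.match(value)
    if m:
        deg, minutes, seconds, hemi = m.groups()
        if hemi not in hemispheres:
            raise ValueError(f"{value!r}: hemisphere {hemi} not allowed here")
        dec = int(deg) + int(minutes or 0) / 60 + float(seconds or 0) / 3600
        if hemi in "SW":
            dec = -dec
    else:
        dec = float(value)  # raises ValueError for anything non-numeric
    if not -limit <= dec <= limit:  # also rejects NaN and infinity
        raise ValueError(f"{value!r} is outside +/-{limit} degrees")
    return dec

def normalize(csv_text, lat_col="lat", lng_col="lng"):
    """Return (good_rows, bad_rows); good rows gain _lat, _lng and _geo."""
    good, bad = [], []
    reader = csv.DictReader(io.StringIO(csv_text), quoting=csv.QUOTE_NONE)
    for lineno, row in enumerate(reader, start=2):  # line 1 is the header
        try:
            lat = to_decimal(row[lat_col], 90, "NS")
            lng = to_decimal(row[lng_col], 180, "EW")
        except (ValueError, KeyError, TypeError) as exc:
            bad.append((lineno, str(exc)))
            continue
        row["_lat"], row["_lng"] = f"{lat:.6f}", f"{lng:.6f}"
        row["_geo"] = f"{lat:.6f},{lng:.6f}"  # combined form described for 1.1
        good.append(row)
    return good, bad

# Constructed sample input, not data from the thread
SAMPLE = '''site,lat,lng
a,47.11,8.15
b,47°6'36"N,8°9'0"E
c,123.4,8.15
d,north,8.15
'''

if __name__ == "__main__":
    good, bad = normalize(SAMPLE)
    for row in good:
        print(row["site"], row["_geo"])
    for lineno, reason in bad:
        print(f"line {lineno}: {reason}")
```

A range check of this kind cannot detect latitude and longitude stored in each other's columns when both values happen to fall within ±90.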

ziegfried
Influencer

Can you add the csv data and the search you're using to map it to your question?

0 Karma

chienly
New Member

Thanks for the followup Ziegfried!

I have the following data indexed in a csv file with the _lat and _lng fields, but it still did not seem to pick up the coordinates to plot on the graph?

Here's a sample:

store_number _lat _lng
8001 -71.385908 42.29663
9999 37.784132 -122.395913
47 42.307 -71.3989
50 42.4988879 -71.1211728

Does the number contain too many digits after the decimal or does the leading negative sign cause any issue?

Thanks again,
Chien

0 Karma