How to define colors as per ranges using rangemap ...

SanthoshSreshta · ‎05-18-2015

Hi All.

I want alerts to be displayed on map for easy understanding.
i have used this Query

source="Churn_Map.csv" sourcetype="Churn_map" 
| eval Churn = if(Churn="True.","1","0") 
| eventstats sum(Churn) as true_churn , count(Churn) as total_churn by state 
| eval prop= true_churn*100 / total_churn 
| geostats values(prop) by StateName globallimit=0
| rangemap field=prop green=0-5 yellow=6-10 orange=11-15 default=red

but colors are not displaying as i defined. any improvements.?
the values are from min 5 to max 20. so i need alerts to seen on pie charts on map,by default it is showing some colors.
Green : 0-5
Yellow : 6-10
Orange :11-15
Red : 16 and above.
any reference documents and links are really appreciated 🙂

Thanks,
Santhosh.

jaracan · ‎03-08-2018

Because the field "prop" is not existing anymore. You can add the "as" on your command to name it as prop again.

Something like this.
| geostats values(prop) as prop by StateName globallimit=0

vganjare · ‎05-19-2015

Can you please check the answer provided in http://answers.splunk.com/answers/232462/how-to-display-a-range-in-color-good-or-fault.html

SanthoshSreshta · ‎05-19-2015

I am not able to understand that @vganjare

How to define colors as per ranges using rangemap in geostats map.?

Introducing the Splunk Community Dashboard Challenge!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...