Hi All, Please let me know to which source or sourcetype the _geo field belongs to? I want this for second search query to achieve google map Drill down. Or any other suggestions to achive the Drill down in Google Map??
It is usually created by the geoip lookup, see the documentation that actually comes with the Google Maps app: http://splunk-base.splunk.com/apps/22365/google-maps
geoip
