- Apps and Add-ons
- :
- All Apps and Add-ons
- :
- Re: How do i create cluster map using cities geo l...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How do i create cluster map using cities geo locations in a csv
Hi All,
I have a list of cities from this open source https://www.maxmind.com/en/free-world-cities-database link. In my data, i have the names of cities for each event and I, therefore, want to create a map when a city is mentioned so i can see how many of X events per city and create a world map.
I have uploaded this txt file and saved it in a lookup table in Splunk as a .csv and i am wondering does anyone know how to do the rest?
I have an idea but a help would be great thanks.
Colin
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This app will be helpful:
https://splunkbase.splunk.com/app/3124/
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
here is some documentation to follow. https://docs.splunk.com/Documentation/SplunkCloud/6.6.3/Viz/MarkerMap
in your csv, based on the data from maxmind, you should have the latitude and longitude.
use basesearch|geostats latfield=latitude longfield=longitude count
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you @cmerriman
I will look into this. Turns out i am being to detailed and all i really need to do is create a csv and then use a search to cross reference this csv which has about 20 rows like the following example
office code office country Lattitude Longitude
US-CA California US 36.778261 -119.4179324
So if i wanted to create a cluster map from data that has the office code, have you suggestions how I would do this? I know its using lookup& possibly geostats but i am unsure how to build the map from something that is not an IP address.
thanks so much
C.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
if your data has the office code, you can join it to your csv with something like this:
index=office_code_data
|table office_code other_interesting_fields
|join office_code [|inputlookup office_code.csv]
|geostats latfield=latitude longfield=longitude count
Detecting Remote Code Executions With the Splunk Threat Research Team
Observability | Use Synthetic Monitoring for Website Metadata Verification
More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk
