- Splunk Answers
- :
- Using Splunk
- :
- Dashboards & Visualizations
- :
- DIfferent color markers on Clustermap for differen...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
DIfferent color markers on Clustermap for different status values
I am nw to splunk. I have a requirement to print different color dots for different status values for that count.
I have the following query which prints out pie chart, which is not the one I want. I want Green, BLue and Orange dots different status on the same map without the pie chart. Any Help appreciated. Thanks
| spath output=status path="data.irc"
| where status in (001,000,002,003)
| spath output=activity path="data.txnClassifier"
| where activity in ("ACTIVE","PASSIVE","PENDING")
| spath output=latitude path="data.lat"
| spath output=longitude path="data.lng"
| geostats latfield=latitude longfield = longitude count by activity.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@sanshy01, Please try out Clustered Single Value Map Visualization or Location Tracker Custom Visualization based on your use case and confirm.
| makeresults | eval message= "Happy Splunking!!!"
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I tried the Clustered Single Map Visualization, it works but the refresh flickers a lot and refreshing is not smooth, and I do not so many points per second. The Tracker does not meet the requirements that I have.
Any suggestions?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks @niketnilay, do these references are the app that I need to install, can I install this in Splunk cloud?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@sanshy01, You might have to reach out to Splunk Support for that. Meanwhile you should first test this in your POC or Dev/Test instance to ensure that it will satisfy the need. Location Tracker Custom Visualization is built by Splunk. Clustured Single Value Visualization is not built by Splunk but it supports a lot of customization.
| makeresults | eval message= "Happy Splunking!!!"
Introducing the Splunk Community Dashboard Challenge!
Get the T-shirt to Prove You Survived Splunk University Bootcamp
Wondering How to Build Resiliency in the Cloud?
