I am brand spanking new to Splunk and trying to learn the product so be patient....
I have been looking through the forums and Google and tried a lot of examples, but no go so far. I am sure it is something simple, but need guidance.
I am trying to get the results from this search to display on a map in Splunk. The goal is to show activity on a map.
src_geo=* | iplocation src_geo | geostats count by src_ip | sort -count
The search shows 442k for a 24 hour period in Events, but under Visualization/Map it shows No Results
What am I missing?
... View more