All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Google Maps App Not Showing Results

justinhart
Path Finder
‎10-19-2010 04:00 PM

I have installed the Google Maps app, I also have the MAXMIND app installed as well. When I perform a search such as: sourcetype="iis_w3c_default" | geoip c_ip, where c_ip is the fieldname with the ip address of the client connections, it will not show any results on the map.

I am running this search from within the Google Maps app. Any clues would be appreciated. Thanks.

Tags (1)
Reply
1 Solution
Solved! Jump to solution
Solution

Simeon
Splunk Employee
Splunk Employee
‎10-19-2010 11:52 PM

It looks like you would want to run the command in this way from within the Google Maps app:

sourcetype=access_combined | lookup geoip clientip | geonormalize

So for your situation:

sourcetype="iis_w3c_default" | lookup geoip c_ip | geonormalize

View solution in original post

Reply
Solved! Jump to solution

justinhart
Path Finder
‎10-21-2010 12:24 PM

the c_ip field contains the external IP addresses of the client upon connection.

I would rather not post exact examples since they contain secure data. I can say however that I'm not getting any fields that contain lat,long for the ip addresses when doing:

host="" | geoip

I do get client_lat,client_lon when doing:

host="" | lookup geoip clientip as c_ip | geonormalize

This does not show any results on the map when in the Google Maps search.

0 Karma
Reply
Solved! Jump to solution

ziegfried
Influencer
‎10-20-2010 11:59 PM

What IP addresses are in this c_ip field exactly? Can you post some examples. Whats the result when performing the ... | geoip search in the search app?

0 Karma
Reply
Solved! Jump to solution
Solution

Simeon
Splunk Employee
Splunk Employee
‎10-19-2010 11:52 PM

It looks like you would want to run the command in this way from within the Google Maps app:

sourcetype=access_combined | lookup geoip clientip | geonormalize

So for your situation:

sourcetype="iis_w3c_default" | lookup geoip c_ip | geonormalize
Reply
Solved! Jump to solution

justinhart
Path Finder
‎10-20-2010 12:06 PM

it looks like the geoip function of lookup only supports the fields:

clientip client_country client_region client_city client_lat client_lon

So I renamed the c_ip field to clientip and still receive no results.

sourcetype="iis_w3c_default" | eval clientip=c_ip | lookup geoip clientip | geonormalize

0 Karma
Reply
Get Updates on the Splunk Community!

Index This | A sphere has three, a circle has two, and a point has zero. What is it?

September 2023 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

Build Scalable Security While Moving to Cloud - Guide From Clayton Homes

 Clayton Homes faced the increased challenge of strengthening their security posture as they went through ...

Mission Control | Explore the latest release of Splunk Mission Control (2.3)

We’re happy to announce the release of Mission Control 2.3 which includes several new and exciting features ...