Google Maps App Not Showing Results

Path Finder

I have installed the Google Maps app, and I also have the MAXMIND app installed. When I perform a search such as: sourcetype="iis_w3c_default" | geoip c_ip, where c_ip is the field name with the IP address of the client connections, it will not show any results on the map.

I am running this search from within the Google Maps app. Any clues would be appreciated. Thanks.

Splunk Employee

It looks like you would want to run the command in this way from within the Google Maps app:

sourcetype=access_combined | lookup geoip clientip | geonormalize

So for your situation:

sourcetype="iis_w3c_default" | lookup geoip c_ip | geonormalize

Path Finder

The c_ip field contains the external IP addresses of the client upon connection.

I would rather not post exact examples since they contain secure data. I can say, however, that I'm not getting any fields that contain lat,long for the IP addresses when doing:

host="" | geoip

I do get client_lat,client_lon when doing:

host="" | lookup geoip clientip as c_ip | geonormalize

This does not show any results on the map when in the Google Maps search.

0 Karma

Influencer

What IP addresses are in this c_ip field exactly? Can you post some examples? What's the result when performing the ... | geoip search in the search app?

0 Karma

Path Finder

It looks like the geoip function of lookup only supports the fields:

clientip client_country client_region client_city client_lat client_lon

So I renamed the c_ip field to clientip and still receive no results.

sourcetype="iis_w3c_default" | eval clientip=c_ip | lookup geoip clientip | geonormalize

0 Karma