Dashboards & Visualizations
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Cluster map

gjhaaland
Explorer
‎11-07-2023 07:47 AM

Hi,

I  have created a Cluster Map that show number of counts  based on number of ASA blocked actions.  The circle size is based on number of hits. A bigger circle represent more counts than a small circle.  So far so good. It looks ok, but would be even better if I could change color based on number of counts/hits. 

Is it also possible change color based on destination portnumber (80,23,22++) 

 

Thanks 

Geir

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

bowesmana
SplunkTrust
SplunkTrust
‎11-08-2023 02:24 PM

In the Splunkbase site details tab there is a link to the github documentation

https://github.com/sghaskell/maps-plus

Also, there are lots of examples in the app itself, so you can look at those searches to see how they are producing things.

View solution in original post

0 Karma
Reply
Solved! Jump to solution

gjhaaland
Explorer
‎11-09-2023 01:17 AM

Thanks 

0 Karma
Reply
Solved! Jump to solution

bowesmana
SplunkTrust
SplunkTrust
‎11-07-2023 05:26 PM

If you want to get a lot of flexibility with maps, then use the maps+ vizualisation

https://splunkbase.splunk.com/app/3124

You have a number of options for defining colour by adding your colour values to the rows of your results

 

0 Karma
Reply
Solved! Jump to solution

gjhaaland
Explorer
‎11-08-2023 01:03 AM

Hi,

Thanks.  I have installed the image but it looks some difficult to use it.  Is it possible to get manual or description how to use it? 

Rgds

Geir

0 Karma
Reply
Solved! Jump to solution
Solution

bowesmana
SplunkTrust
SplunkTrust
‎11-08-2023 02:24 PM

In the Splunkbase site details tab there is a link to the github documentation

https://github.com/sghaskell/maps-plus

Also, there are lots of examples in the app itself, so you can look at those searches to see how they are producing things.

0 Karma
Reply
Get Updates on the Splunk Community!

New Year, New Changes for Splunk Certifications

As we embrace a new year, we’re making a small but important update to the Splunk Certification ...

[Puzzles] Solve, Learn, Repeat: Unmerging HTML Tables

[Puzzles] Solve, Learn, Repeat: Unmerging HTML TablesFor a previous puzzle, I needed some sample data, and ...

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

As of today, Enterprise Security (ES) Essentials 8.3 is now generally available, helping SOC teams simplify ...