Dashboards & Visualizations
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Cluster map

gjhaaland
Explorer
‎11-07-2023 07:47 AM

Hi,

I  have created a Cluster Map that show number of counts  based on number of ASA blocked actions.  The circle size is based on number of hits. A bigger circle represent more counts than a small circle.  So far so good. It looks ok, but would be even better if I could change color based on number of counts/hits. 

Is it also possible change color based on destination portnumber (80,23,22++) 

 

Thanks 

Geir

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

bowesmana
SplunkTrust
SplunkTrust
‎11-08-2023 02:24 PM

In the Splunkbase site details tab there is a link to the github documentation

https://github.com/sghaskell/maps-plus

Also, there are lots of examples in the app itself, so you can look at those searches to see how they are producing things.

View solution in original post

0 Karma
Reply
Solved! Jump to solution

gjhaaland
Explorer
‎11-09-2023 01:17 AM

Thanks 

0 Karma
Reply
Solved! Jump to solution

bowesmana
SplunkTrust
SplunkTrust
‎11-07-2023 05:26 PM

If you want to get a lot of flexibility with maps, then use the maps+ vizualisation

https://splunkbase.splunk.com/app/3124

You have a number of options for defining colour by adding your colour values to the rows of your results

 

0 Karma
Reply
Solved! Jump to solution

gjhaaland
Explorer
‎11-08-2023 01:03 AM

Hi,

Thanks.  I have installed the image but it looks some difficult to use it.  Is it possible to get manual or description how to use it? 

Rgds

Geir

0 Karma
Reply
Solved! Jump to solution
Solution

bowesmana
SplunkTrust
SplunkTrust
‎11-08-2023 02:24 PM

In the Splunkbase site details tab there is a link to the github documentation

https://github.com/sghaskell/maps-plus

Also, there are lots of examples in the app itself, so you can look at those searches to see how they are producing things.

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...