Dashboards & Visualizations
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Cluster map

gjhaaland
Explorer
‎11-07-2023 07:47 AM

Hi,

I  have created a Cluster Map that show number of counts  based on number of ASA blocked actions.  The circle size is based on number of hits. A bigger circle represent more counts than a small circle.  So far so good. It looks ok, but would be even better if I could change color based on number of counts/hits. 

Is it also possible change color based on destination portnumber (80,23,22++) 

 

Thanks 

Geir

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

bowesmana
SplunkTrust
SplunkTrust
‎11-08-2023 02:24 PM

In the Splunkbase site details tab there is a link to the github documentation

https://github.com/sghaskell/maps-plus

Also, there are lots of examples in the app itself, so you can look at those searches to see how they are producing things.

View solution in original post

0 Karma
Reply
Solved! Jump to solution

gjhaaland
Explorer
‎11-09-2023 01:17 AM

Thanks 

0 Karma
Reply
Solved! Jump to solution

bowesmana
SplunkTrust
SplunkTrust
‎11-07-2023 05:26 PM

If you want to get a lot of flexibility with maps, then use the maps+ vizualisation

https://splunkbase.splunk.com/app/3124

You have a number of options for defining colour by adding your colour values to the rows of your results

 

0 Karma
Reply
Solved! Jump to solution

gjhaaland
Explorer
‎11-08-2023 01:03 AM

Hi,

Thanks.  I have installed the image but it looks some difficult to use it.  Is it possible to get manual or description how to use it? 

Rgds

Geir

0 Karma
Reply
Solved! Jump to solution
Solution

bowesmana
SplunkTrust
SplunkTrust
‎11-08-2023 02:24 PM

In the Splunkbase site details tab there is a link to the github documentation

https://github.com/sghaskell/maps-plus

Also, there are lots of examples in the app itself, so you can look at those searches to see how they are producing things.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk MCP & Agentic AI: Machine Data Without Limits

  Discover how the Splunk Model Context Protocol (MCP) Server can revolutionize the way your organization ...

Finding Based Detections General Availability

Overview  We’ve come a long way, folks, but here in Enterprise Security 8.4 I’m happy to announce Finding ...

Get Your Hands Dirty (and Your Shoes Comfy): The Splunk Experience

Hands-On Learning and Technical Seminars  Sometimes, you just need to see the code. For those looking for a ...