Dashboards & Visualizations
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Custom Real-Time Threat Map

jillian_caglios
Explorer
‎02-11-2015 08:03 AM

I want to create a custom real-time threat map similar to FireEye's - https://www.fireeye.com/cyber-map/threat-map.html or Norse's - http://map.ipviking.com using the data in Splunk. I have some very simple .js code that uses the Google Maps API and random data to create a similar map. However, I can’t seem to figure out how to run the .js code within Splunk. Furthermore, I can’t use the data from Splunk to populate the map. I would appreciate any suggestions or tips on how to do this in the simplest way possible.

Reply

LukeMurphey
Champion
‎02-11-2015 08:47 AM

I don't understand this: "I can’t use the data from Splunk to populate the map". Are you saying the data isn't in Splunk?

0 Karma
Reply

jillian_caglios
Explorer
‎02-11-2015 08:57 AM

The data is in Splunk and I can find it via the search feature. However, I can't figure out to get the custom code into Splunk, or how to get the search results into the code. Does this clarify things for you?

0 Karma
Reply

LukeMurphey
Champion
‎02-11-2015 08:47 AM

Splunk has a map built-in that you can use in simpleXML. You can use the geostats command with it to generate the stats in geographical bins and then hand the results to the map for rendering.

Reply

jillian_caglios
Explorer
‎02-11-2015 08:54 AM

LukeMurphey, Thanks you for the reply. I'm aware of this feature, but it doesn't meet our business need. We need to have lines animated from src to dst based on the geostats results. There are 4 types of unrelated lines that will have corresponding colors.

Splunk maps only allows for markers on one location, and it cannot handle the 4 different search results. It can only present the different search results as a pie chart, which would have little meaning. Because of this, I think I am going to have write some custom code to complete the job. If I could just figure out how to run javascript code in Splunk.

0 Karma
Reply

bk028s
Path Finder
‎07-19-2016 02:07 PM

Hi Jillian,

I'm actually working on a very similar problem right now and was wondering if you ever found a solution to your issue?

0 Karma
Reply

pmloikju
Explorer
‎08-14-2015 06:51 AM

Hi,

Have you achieve your projet ?

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Calling All Security Pros: Ready to Race Through Boston?

Hey Splunkers, .conf25 is heading to Boston and we’re kicking things off with something bold, competitive, and ...

Beyond Detection: How Splunk and Cisco Integrated Security Platforms Transform ...

Financial services organizations face an impossible equation: maintain 99.9% uptime for mission-critical ...

Customer success is front and center at .conf25

Hi Splunkers, If you are not able to be at .conf25 in person, you can still learn about all the latest news ...