Is the Geostats command supported by this visualization type for displaying city names in cluster bubbles? It seems not.

Here is the command I am using for my result:

| (some result that produces destination IP's and a total count by them)
| iplocation prefix=dest_iploc_ dest_ip
| eval dest_Region_Country=dest_iploc_Region.", ".dest_iploc_Country
| geostats globallimit=0 locallimit=15 binspanlat=21.5 binspanlong=21.5 longfield=dest_iploc_lon latfield=dest_iploc_lat sum(Total) BY dest_Region_Country

In the search result visualization (which uses the old dashboard cluster map visualization and not the new dashboard studio one), this returns a proper cluster map showing this:

There are bubbles showing areas on the grid where there were a lot of total connections. When moused over I can see the individual regions/cities contributing to this total. However, when I put this query into my Dashboard Studio visualization using Map > Bubble, it either breaks (when there are too many city values... because there are as many cities as there are), or when I change the grouping to use countries for example, it breaks in a different way when it tries to alphabetize all the countries under each bubble, like this:

(I am obviously mousing over a bubble in Bogota, Colombia here, not Busan, South Korea or anywhere in Germany.)

Not to mention the insane lag caused by this dashboard element.

What to do for my use-case? Switch off of Dashboard Studio?

That aside, anyone figure out a way to make interconnected bubbles/points showing sources and destinations like this (this is not intended as an ad, but an example)?