Dashboards & Visualizations

How to display extracted data on a map using Splunk's geo-mapping feature?

rlough
Path Finder

Hey quick question,

I currently have extracted from my data a list of states (USA) and counts for each state. (ie AZ - 32, CA - 94, CO - 12, etc)

Is there any way to display this information using Splunk's geo-mapping feature?

Ideally I want to get something that looks like this:
Image

Thanks for the help!

mporath_splunk
Splunk Employee
Splunk Employee

Splunk 6.3 introduced Choropleth maps, which produce the map similar to the one shown above. See the Splunk user documentation or this blog post for more details

lguinn2
Legend

Not exactly. The geostats command uses latitude and longitude to calculate statistics (including a count). But it doesn't know about geopolitical boundaries (like states) and it doesn't use color in the same way as your example.

That said, if you could supply a lat/lon for each state, you could use geostats. A lookup table might be a good way to provide the lat/lon.

OR, if you have the skills, you could probably use Splunk's ability to leverage javascript to do something amazing.

a212830
Champion

I'm dealing with the same thing - going to try a lookup, using these:

http://dev.maxmind.com/geoip/legacy/codes/state_latlon/

0 Karma

martin_mueller
SplunkTrust
SplunkTrust

This might be adaptable for US states: https://apps.splunk.com/app/729/

0 Karma

rlough
Path Finder

That's too bad. Are there any apps that have this ability? I've made cloropleths in Google Maps before, so I have the XML for the boundaries of the states.

0 Karma

lguinn2
Legend

There is a Google Maps app. I'd poke around in the apps and see what you can find. After all, most are free to download and you can look at how they work!

In addition, I suggest these apps if you want to see how to do some fancy stuff and how to integrate javascript:

Splunk 6.x Dashboard Examples

Splunk Web Framework Toolkit

and the Google Maps app - although I don't think it will help much, it might...

Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...