Re: How to give specific color for each dot in Spl...

sandyIscream · ‎07-06-2018

Hi Splunkers!

We need to show the number of dots for each zip code in Splunk cluster map. On hover on each dot, we should show the zip code and mark the dots with a specific color.

I have a table like below.

zipcode latitude longitude Avg(percent1) avg(percent2) avg(percent3)

currently we are doing like this-

geostats latifield=latitude longfield=longitude count by zipcode.

Which is showing the number of count in the map but we are not able to restrict the color codes based on (avg%percent).

Could you please help me out here!

niketn · ‎07-07-2018

@sandyIscream, could you please add more details on how color needs to be applied? What role do the three fields play?

Avg(percent1) avg(percent2) avg(percent3)

If you can add some sample numbers/sla for colors that would be helpful.

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"

PowerPacked · ‎07-06-2018

Hi @sandyIscream

Can you try charting.fieldcolors like this.

<option name="charting.fieldColors">
      {"ERROR": 0xFF0000, "WARN": 0xFF9900, "INFO":0x009900, "NULL":0xC4C4C0}
    </option>

Thanks

sandyIscream · ‎07-07-2018

I have tried this trick. But my fields are generated dynamically. So hard-coding the values in charting.fieldColors will not work.

How to give specific color for each dot in Splunk cluster map ?

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases