hello everyone

Now I have been getting cluster Maps and Choropleth Maps generated , but a few issues with them.

q1.when I add the same command from search app to the panel in the dash I loose all the state/regions names too!! works with the zoom function, is that ok?

2.  query: why do I have multiple tiles of the same regions running through how can I just create the view where I can see regions only where events have occurred? Screenshot attached

I know the legend doesn't match the map as values show 0, but they change and seem to be ok after 10/15 mins, I dont know why!!

I am trying to search for failed/successful applications logins by region/city/or country.

my query:

index=a sourcetype=ab

| iplocation ip
| search status=failure AND connectionname=" ABwebsite"
| stats count by Country| geom geo_countries allFeatures=True featureIdField=Country

if I don't add ip, no values populate on the map, there's just color.

Thankyou for looking into the query.