Dashboards & Visualizations
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk Maps plotting using physical address (not IP Address)

RyanDonnelly22
Explorer
‎06-22-2021 10:43 AM

I am trying to create a map visualization from a list of data that has the the physical address of the event in a filed named 'location' 

| inputlookup data.csv | table location |

Example data

  • Earth
  • Wytheville, VA
  • Boston, MA
  • 1 Main St, Waltham, Massachusetts
  • Mexico City, Mexico
  • Wellington St, Ottawa, ON K1A 0A9, Canada

I want to talk these physical addresses and add them to the Map Visualization in Splunk, but am not seeing how to add the data to the chart. 

 

Labels (2)
Labels
0 Karma
Reply

Funderburg78
Path Finder
‎06-22-2021 11:28 AM

you need to identify the LAT and LONG.  Ordinarily splunk will perform a whois call and determine the lat/long of the domain the ip is associated with if connected to the internet.  If you want to do this differently, I think you need to apply lat/long yourself.  I do not believe there is an automatic lookup.  there are a couple ways you can accomplish this.  You can build your own lookup table to convert addresses to a lat/long or you can just input the lat/long directly into the data if it is something like a spreadsheet.

 

For reading about chloropleth maps:

https://www.splunk.com/en_us/blog/tips-and-tricks/mapping-with-splunk.html

 

0 Karma
Reply
Get Updates on the Splunk Community!

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Accelerating Observability as Code with the Splunk AI Assistant

We’ve seen in previous posts what Observability as Code (OaC) is and how it’s now essential for managing ...