Re: Splunk Maps plotting using physical address (n...

RyanDonnelly22 · ‎06-22-2021

I am trying to create a map visualization from a list of data that has the the physical address of the event in a filed named 'location'

| inputlookup data.csv | table location |

Example data

Earth
Wytheville, VA
Boston, MA
1 Main St, Waltham, Massachusetts
Mexico City, Mexico
Wellington St, Ottawa, ON K1A 0A9, Canada

I want to talk these physical addresses and add them to the Map Visualization in Splunk, but am not seeing how to add the data to the chart.

Funderburg78 · ‎06-22-2021

you need to identify the LAT and LONG. Ordinarily splunk will perform a whois call and determine the lat/long of the domain the ip is associated with if connected to the internet. If you want to do this differently, I think you need to apply lat/long yourself. I do not believe there is an automatic lookup. there are a couple ways you can accomplish this. You can build your own lookup table to convert addresses to a lat/long or you can just input the lat/long directly into the data if it is something like a spreadsheet.

For reading about chloropleth maps:

https://www.splunk.com/en_us/blog/tips-and-tricks/mapping-with-splunk.html

Splunk Maps plotting using physical address (not IP Address)

chart

other

table

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!