Dashboards & Visualizations
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk Maps plotting using physical address (not IP Address)

RyanDonnelly22
Explorer
‎06-22-2021 10:43 AM

I am trying to create a map visualization from a list of data that has the the physical address of the event in a filed named 'location' 

| inputlookup data.csv | table location |

Example data

  • Earth
  • Wytheville, VA
  • Boston, MA
  • 1 Main St, Waltham, Massachusetts
  • Mexico City, Mexico
  • Wellington St, Ottawa, ON K1A 0A9, Canada

I want to talk these physical addresses and add them to the Map Visualization in Splunk, but am not seeing how to add the data to the chart. 

 

Labels (2)
Labels
0 Karma
Reply

Funderburg78
Path Finder
‎06-22-2021 11:28 AM

you need to identify the LAT and LONG.  Ordinarily splunk will perform a whois call and determine the lat/long of the domain the ip is associated with if connected to the internet.  If you want to do this differently, I think you need to apply lat/long yourself.  I do not believe there is an automatic lookup.  there are a couple ways you can accomplish this.  You can build your own lookup table to convert addresses to a lat/long or you can just input the lat/long directly into the data if it is something like a spreadsheet.

 

For reading about chloropleth maps:

https://www.splunk.com/en_us/blog/tips-and-tricks/mapping-with-splunk.html

 

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk MCP & Agentic AI: Machine Data Without Limits

  Discover how the Splunk Model Context Protocol (MCP) Server can revolutionize the way your organization ...

Finding Based Detections General Availability

Overview  We’ve come a long way, folks, but here in Enterprise Security 8.4 I’m happy to announce Finding ...

Get Your Hands Dirty (and Your Shoes Comfy): The Splunk Experience

Hands-On Learning and Technical Seminars  Sometimes, you just need to see the code. For those looking for a ...