Splunk Dev

Is there a way to plot 2 or more gps lat long series on the same Map using geostats or any other command / option? I have not found any.

abhijitp
Path Finder

Hi,
I need to plot 3 gps lat long series on the same Map in Splunk.

eg. FIrst series will be say Equipment A reported GPS Lat Long
Second series will be say Equipment B reported GPS Lat long

I looked at geostats and it does not mention about multiple gps lat long series capabilities. i tried and it did not like it.

I am not really stuck on geostats. Any method to plot multiple (say max upto 4) on the same Map in Splunk is what I looking at?

Kindly point me and confirm my assumptions either way :
a) Splunk can only plot one gps series and that it
b) The way to plot multiple gps series is .....

Thanks a lot,
Abhi

Tags (1)
0 Karma

abhijitp
Path Finder

My guess is Splunk can only plot one gps lat long series using geostats in a single query. I tried combing a subquery with another geostats but Splunk did not like it.

0 Karma

somesoni2
Revered Legend

What's your current query for one equipment?

0 Karma

abhijitp
Path Finder

Thanks somesoni2.

my query is sourcetype=geo | geostats count latfield=QueriedLatitude longfield=QueriedLongitude maxzoomlevel=18

0 Karma

somesoni2
Revered Legend

Where does the differentiation happens for the equipments? If they can be differentiated using a field value, then geostats command provides option to do by <field>.

0 Karma

abhijitp
Path Finder

Ok. I have extracted these GPS lat log for various equipments and they are available as :
Equipment1 - QueriedLatitude and QueriedLongitude
Equipment2 - MatchedLatitude and MatchedLongitude

Sample log line:
32.88718,-117.17383,0,0.0,312,32.88718,-117.17383,off road,0,0.0,derived,0,0.0,0,0,null,1.0,2.9
which translates to
QueriedLatitude,QueriedLongitude,0,0.0,312,MatchedLatitude,MatchedLongitude,off road,0,0.0,derived,0,0.0,0,0,null,1.0,2.9

geostats allows only one instance of latfield and longfield.

0 Karma

abhijitp
Path Finder

I am not able to differentiate the two gps lat long series as shown above in the suggested geostats by option. I don't know how to do it.

0 Karma
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

WATCH NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If exploited, ...

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

The Splunk Community Dashboard Challenge is underway! This is your chance to showcase your skills in creating ...

.conf24 | Session Scheduler is Live!!

.conf24 is happening June 11 - 14 in Las Vegas, and we are thrilled to announce that the conference catalog ...