Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Cluster Map - Show Country Border

molla
Explorer
‎03-21-2025 06:41 AM

Hi Splunkers, 

I would like to display a count divided by several locations on a map. On the map, I would like only the outline of the country to be highlighted.
Is this possible with the cluster map view?

 

 

Labels (1)
Labels
0 Karma
Reply

tscroggins
Influencer
‎03-23-2025 07:42 AM

Hi @molla,

The geo_countries lookup shipped with Splunk provides boundaries for countries. The tutorial at https://docs.splunk.com/Documentation/Splunk/latest/Viz/GenerateMap provides an example for counties, but you can replace the county references with country references:

| makeresults format=csv data="x,country
3,United States
5,United States
4,Canada
1,Canada
1,Mexico
2,Mexico"
| stats sum(x) by country
| geom geo_countries featureIdField=country

The output of geom can be used with choropleth maps in both classic (Simple XML) dashboards and Dashboard Studio.

You can use the inputlookup command to see the list of supported countries:

| inputlookup geo_countries
| table featureId
0 Karma
Reply

livehybrid
SplunkTrust
SplunkTrust
‎03-21-2025 08:31 AM

Hi @molla 

This isnt something you can do with a cluster map - although a Choropleth map does highlight the regions - but - the bins that it groups your stats into is quite cumbersome to manage. It might work well for what you need though? Have you already tried a Choropleth map?

Another option might be to use https://splunkbase.splunk.com/app/5166 Simple Map Viz app which looks like it should do what you are looking for. Please note that this is only for an XML (Not dashboard studio) dashboard.

Please let me know how you get on and consider adding karma to this or any other answer if it has helped.
Regards

Will

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Mobile: Your Brand-New Home Screen

Meet Your New Mobile Hub  Hello Splunk Community!  Staying connected to your data—no matter where you are—is ...

Introducing Value Insights (Beta): Understand the Business Impact your organization ...

Real progress on your strategic priorities starts with knowing the business outcomes your teams are delivering ...

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

As of today, Enterprise Security (ES) Essentials 8.3 is now generally available, helping SOC teams simplify ...