Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Cluster Map - Show Country Border

molla
Explorer
‎03-21-2025 06:41 AM

Hi Splunkers, 

I would like to display a count divided by several locations on a map. On the map, I would like only the outline of the country to be highlighted.
Is this possible with the cluster map view?

 

 

Labels (1)
Labels
0 Karma
Reply

tscroggins
Champion
‎03-23-2025 07:42 AM

Hi @molla,

The geo_countries lookup shipped with Splunk provides boundaries for countries. The tutorial at https://docs.splunk.com/Documentation/Splunk/latest/Viz/GenerateMap provides an example for counties, but you can replace the county references with country references:

| makeresults format=csv data="x,country
3,United States
5,United States
4,Canada
1,Canada
1,Mexico
2,Mexico"
| stats sum(x) by country
| geom geo_countries featureIdField=country

The output of geom can be used with choropleth maps in both classic (Simple XML) dashboards and Dashboard Studio.

You can use the inputlookup command to see the list of supported countries:

| inputlookup geo_countries
| table featureId
0 Karma
Reply

livehybrid
SplunkTrust
SplunkTrust
‎03-21-2025 08:31 AM

Hi @molla 

This isnt something you can do with a cluster map - although a Choropleth map does highlight the regions - but - the bins that it groups your stats into is quite cumbersome to manage. It might work well for what you need though? Have you already tried a Choropleth map?

Another option might be to use https://splunkbase.splunk.com/app/5166 Simple Map Viz app which looks like it should do what you are looking for. Please note that this is only for an XML (Not dashboard studio) dashboard.

Please let me know how you get on and consider adding karma to this or any other answer if it has helped.
Regards

Will

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...