Splunk Search

Geostats by phone number

indeed_2000
Motivator

Hi

I have field in my log that call “MobileNumber” that need to show count of MobileNumber by location on map.

e.g: 00121234567 

Area code:0012

Number:1234567

if area code belong to Berlin 0151, 0157 or 0173. show total count of area code that belong Berlin on map.

if area code belong to Wolfsburg 0361 show total count of area code that belong Wolfsburg on map

FYI: Latitude, Longitude not exist in log file.

 

Any idea?

Thanks

Labels (4)
Tags (3)
0 Karma

Azeemering
Builder

This is not the full solution, but you could eval the longitude and latitude for each result.
Or use a lookup with all cities lon and lats.

Basic example

| makeresults
| eval City = "Berlin" |eval lat="52.520008" | eval lon="13.404954"
| geostats latfield=lat longfield=lon count

0 Karma

indeed_2000
Motivator

And how bind it to area code?

0 Karma

Azeemering
Builder

I'd say create a lookup with area codes and their respective longitudes and latitudes.
Splunk can do magic, but you need to feed it some ingredients to do magic with.

I found this as a possible source:

https://gist.github.com/iteufel/af379872bbc3bf5261e2fd09b681ff7e

0 Karma

indeed_2000
Motivator

thank you for answer, but it's not only germany.

about lookup would please tell me example?

 

0 Karma

indeed_2000
Motivator

thank you, i work with lookup, and example map dasboard.

the main goal is how can i provide relation between these items.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...