Solved: Google maps Errors

abovebeyond · ‎08-06-2015

Hey , i ran a search string on Google Map application and i get the following errors:

search string:
source=myapp:514 | geoip clientip

Traceback (most recert call last:)
KeyError: 'clientip'

I have the field clientip in my search , and i have events.

what is wrong here?

Thanks !

woodcock · ‎08-06-2015

The geoip app is no longer necessary because the feature is now built into Splunk via the iplocation command so try this:

source=myapp:514 | iplocation clientip

View solution in original post

woodcock · ‎08-06-2015

The geoip app is no longer necessary because the feature is now built into Splunk via the iplocation command so try this:

source=myapp:514 | iplocation clientip

abovebeyond · ‎08-06-2015

thanks ill try it !

abovebeyond · ‎08-09-2015

hey Woodcock ,

i tried with the "iplocation" command , there is no error now but i cannot see the location in the google map application...

woodcock · ‎08-09-2015

Go to the search bar (not in a dashboard), type in your new search, click on the Visualization tab, click on the leftmost menu/control (just under the word "Events" and select Map. You no longer need Google at all.

abovebeyond · ‎08-09-2015

Thanks , just upgrade splunk version .. didnt know it exist

woodcock · ‎08-06-2015

The problem has to do with clientip so either you do not have the field or the field's value is not in an appropriate format. Show us an event.

Google maps Errors

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

Preparing your Splunk Environment for OpenSSL3

Easily Improve Agent Saturation with the Splunk Add-on for OpenTelemetry Collector