Hi I have a CSV file with the list of latitudes and longitudes to display on the map.
I want to get the count of events and the name of the cities for each latitude and longitude.
the iplocation command works only when you have a field which has ipaddress.
but my dataset doesn't give me the ipaddress. I want to display the name of the city using the latitude and longitude values.
you can use the csv as a lookup http://docs.splunk.com/Documentation/Splunk/latest/Knowledge/Usefieldlookupstoaddinformationtoyourev... to get the latitude and longitude from this file. Once this is working set it up to be an automatic lookup, so Splunk will do it for you.
Next step is to use the
geostats command http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Geostats by using this you can show the results on the map of your choice in Splunk.
Hope this helps ...
Hi msu, thank you for the answer. I have already uploaded the csv and plotted the points on the map, and in a tabular format. But the issue here is I want to display the city names using the lat and lon values.
I am using the following query
| inputlookup my_location.csv| geostats latfield=latitude longfield=longitude count
Maybe you need to change your source for this, have look at this free file https://www.maxmind.com/en/free-world-cities-database this can be used as csv lookup and provides Country, City, AccentCity, Region, Population, Latitude, Longitude