Solved: what is the best addon / app to use with [iplocati...

packet_hunter · ‎10-18-2016

I am looking to build a map of IP locations for remote vpn logins. Does anyone have any suggestions?

lakromani · ‎10-18-2016

Not sure what you are looking for, but if you in the dashboard add this:

<option name="mapping.tileLayer.url">http://{s}.tile.openstreetmap.org/{z}/{x}/{y}.png</option>

You get a much more detailed map.

You search could be some like this:

your search | iplocation src_ip | eval City = if(isnull(City) OR City="" ,"Unknown",City), home=vpn_user."-".src_ip | geostats globallimit=0 count by home

View solution in original post

lakromani · ‎10-18-2016

Not sure what you are looking for, but if you in the dashboard add this:

<option name="mapping.tileLayer.url">http://{s}.tile.openstreetmap.org/{z}/{x}/{y}.png</option>

You get a much more detailed map.

You search could be some like this:

your search | iplocation src_ip | eval City = if(isnull(City) OR City="" ,"Unknown",City), home=vpn_user."-".src_ip | geostats globallimit=0 count by home

packet_hunter · ‎10-18-2016

thank you i will try this

packet_hunter · ‎10-18-2016

Hi Lakromani

Could you please give me a quick walk thru on where exactly I add the ?
I pasted it as the first line in the XML under edit > edit source, after .
Is that correct?
Thank you!

lakromani · ‎10-18-2016

Make your search work giving you the map.
Then save it as an Dashboard.
Open Dashboard
Edit Source
Paste the <option name="mapp.... to the option section.
Save.

packet_hunter · ‎10-18-2016

Thx, I got it to work!

Is there a way to increase the zoom to a street level with this map?

what is the best addon / app to use with [iplocation] for a geographical visual dashboard?

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?