Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About gavsdavs
gavsdavs
Observer
Member since:
04-27-2012
01-04-2021
Community Statistics
| Posts | 9 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 2 |
| Member Since | 04-27-2012 |
Activity Feed
- Posted Re: Closest GPS match in lookup table on Knowledge Management. 07-10-2020 03:40 PM
- Posted Re: Closest GPS match in lookup table on Knowledge Management. 07-10-2020 10:48 AM
- Tagged Re: Closest GPS match in lookup table on Knowledge Management. 07-10-2020 10:48 AM
- Posted Re: Closest GPS match in lookup table on Knowledge Management. 07-07-2020 03:19 PM
- Posted Closest GPS match in lookup table on Knowledge Management. 06-25-2020 03:31 PM
- Tagged Closest GPS match in lookup table on Knowledge Management. 06-25-2020 03:31 PM
- Tagged Closest GPS match in lookup table on Knowledge Management. 06-25-2020 03:31 PM
- Tagged Closest GPS match in lookup table on Knowledge Management. 06-25-2020 03:31 PM
- Posted Re: How to ingest Strava GPX (XML) data... on Getting Data In. 01-07-2020 01:42 PM
- Posted Re: How to ingest Strava GPX (XML) data... on Getting Data In. 01-06-2020 03:13 PM
- Posted Re: How to ingest Strava GPX (XML) data... on Getting Data In. 01-03-2020 02:35 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 |
07-10-2020
03:40 PM
I now have a kml file configured as a geospatial lookup. the track is split into 10 zones, each zone is defined by a polygon perimeter and is distinctly named. This look okay in | inputlookup <lookup name> I don't know how I get responses from this lookup, I have latitude and longitude in my event data and I am using | lookup <lookup name> latitude,longitude (as per the example here https://docs.splunk.com/Documentation/Splunk/8.0.4/Knowledge/Configuregeospatiallookups#Geospatial_lookup_example) and I'm getting "Error in 'lookup' command: Could not find all of the specified lookup fields in the lookup table." It strikes me that I don't have latitude,longitude fields in my geospatial lookup data, I see count, featureCollection, featureId and geom fields (which doesn't look like the co-ordinates list in the actual kml file, but at least appears to be valid in splunk terms). How do these geospatial lookups determine if a point is within a polygon ?
... View more
07-10-2020
10:48 AM
I have a series of points in my lookup data, loosely tracing a racetrack. I have a series of points in my data, the recording of the location of the car. There are sadly very few (if any) exact matches for the cars locations in the lookup data. So i need a way of looking for the closest match in the lookup table from the car location data. I was approaching it by trying to round the vehicles location lat/lon, and then try to establish the substring matches in the lookup data, I couldn't get wildcard matching to work (at all, i've not used it before, I haven't experimented with inserting "*" characters at the end of the rounded vehicle location data. I also thought the geolocation approach might be useful, the basic idea being it's possible to determine the country/US state based on the perimeter defined in the provided kml files from a GPS point. I have a KML file of the same basic approach, a permimeter around each corner/straight on the track and I would like to establish which "perimeter" (or named track segment) is in for each vehicle GPS point. I'll have a look at the tool you've linked.
... View more
- Tags:
- Sam
07-07-2020
03:19 PM
I'm still wresting with this one, and I'm trying to use wildcard matching against my lookup data. Say I have a GPS Point 51.234567,0.123456 and I then round that to 1 point, 2 points, 3 points, etc up to 5, i get these. 51.2,0.1
51.23,0.12
51.234,0.123
51.2345,0.1234
51.12345,0.12345 I can then try and lookup any of those values in my reference table with match_type=WILDCARD(latitude),WILDCARD(longitude) I should get a match (as I have rows/GPS points in the lookup table which start with 51.2,0.1), but I don't get any matches. I've also considered the geospatial approach, but I can't work out how to generate a KML which splunk will interpret. There are examples (US_States, countries, etc), but I don't know which tools i could use to create my own. Can anyone recommend any tools that will generate geospatial lookup (kml/kmz) files that splunk will read ?
... View more
06-25-2020
03:31 PM
I have a list of GPS points in a lookup file which describes a race track, generated using this https://www.gpsvisualizer.com. This lookup file has maybe 100 points which describe the path of this track. lookup headings are latitiude,longitude,Segment name I then have some GPS traces of my car driving round this race track, where a GPS point is recorded roughly every second. For each recorded car location point, I want to look in this lookup file and return the Segment name which is physically closest. It's not quite a substring/pattern match (i.e. match_type WILDCARD), I would like to be able to return the segment name for the closest point i have in the lookup file. I'm aware of the haversine app: https://splunkbase.splunk.com/app/936/ And this is someone bundling the algorithm into a macro: https://community.splunk.com/t5/Splunk-Search/Distance-between-two-Geocoordinates/td-p/422514 But I'm not sure how I could use that macro or the haversine function in a lookup ? So far i'm just doing literal matches of the lat/long values in the car traces and I'm getting no matches at all (very disappointing) Any suggestions/ideas ?
... View more
Labels
- Labels:
-
lookup
01-07-2020
01:42 PM
You aren't tied to ingesting the file as a single event.
What if I have over 10,000 points in a gpx file ?
Re-think the content of the file, each point is an event, the whole gpx file is a collection of events.
It's entirely up to you, but if you have 10,000 points in a file its easier to handle 10,000 events not one event and ending up with a 10,000 member mutlivalue field set.
... View more
01-06-2020
03:13 PM
Yeah I see that, but I get a single event with a load of multi-value fields and i have to do an mvexpand dance to blow it all to pieces.
I personally prefer to work with the events separate and stats or transact them together rather than mvexpand them apart.
... View more
01-03-2020
02:35 PM
Set up a parsing statement to ingest the data and break every line
(SHOULD_LINEMERGE=false)
Then use something like
| transaction startswith="\<trkpt" endswith="\</trkpt\>"
| xmlkv
| table time lat lon
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
01-04-2021
01:14 PM
|
