My requirement is to summarize the number of shipments to all zip codes for a particular day and plot the shipment count by the corresponding zip code in a Clustered Single Value Map Visualization or any map in Splunk. I used the following search but it seems to be summarizing by the total number of Zip codes instead of the total shipments by Zipcode.
source=shipment_details | stats count by SHIP_ZIPCODE | lookup geo_zipcode Zipcode AS SHIP_ZIPCODE | rename Lat as latitude, Long as longitude | geostats latfield=latitude longfield=longitude count
I am not sure if I am using the wrong map. Any suggestion would be much appreciated
... View more