×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
tadcarlson
Engager
Member since: ‎03-19-2018
‎06-05-2020
Community Statistics
Posts 1
Solutions 0
Karma Given 1
Karma Received 0
Member Since ‎03-19-2018
View All

Clustered Single Value Map not showing correct cou...

by in All Apps and Add-ons
‎03-19-2018 08:04 AM
‎03-19-2018 08:04 AM
I am attempting to use the Clustered Single Value Map visualization (CSVM) to show a basic count of login attempts by location. Below is my search. index="onlinebanking" sourcetype="Activity" EVENTID=LOGIN | iplocation IPADDRESS | geostats latfield=lat longfield=lon count However when the map renders, the counts for the clustered values aren't even close to the statistics. The built-in Cluster Map shows the correct results, and the statistics for each search is obviously the same, but for some reason it the CSVM isn't rendering with the correct values and it's not even close. For instance CSVM will display 453 for an area, while the built-in and stats indicate 32,000. I'd really like to get to the drilled-in detail that CSVM provides, but if the values aren't accurate it doesn't do me any good. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma given to
View All