All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to plot trasactions that has Latitude and Longitude already?

DotTest37
Path Finder
‎04-27-2011 02:28 PM

Our Web App already returns the lat and long on the Payload XML.
On the response you see something like this:
***-115.3751777777777836.542195555555555***

I successfully extracted fields with that and named them 'Latitude' and 'Longitude' but the Google Map app cannot see it (even though the fields populated with data on the left side of the screen)

Has anybody been successful plotting Lat and Long directly from the XML response?
Thanks!!

Reply
1 Solution
Solved! Jump to solution
Solution

sideview
SplunkTrust
SplunkTrust
‎04-27-2011 06:15 PM

Yep. I did this on an app I developed for one of my customers not long ago. We wanted to use the GoogleMaps module but we already had latitude and longitude in the events so we didnt need the lookup.

You may be tripped up by the same thing I was, which is that while the lookup outputs lots of fields, the only fields the GoogleMaps module looks for are "_lat" and "_lng".

(Note the underscores and also note especially the lack of "o" in "_lng". )

Feed this to the GoogleMaps module and it should work. 

<your search> | eval _lat=Latitude | eval _lng=Longitude

View solution in original post

Reply
Solved! Jump to solution
Solution

sideview
SplunkTrust
SplunkTrust
‎04-27-2011 06:15 PM

Yep. I did this on an app I developed for one of my customers not long ago. We wanted to use the GoogleMaps module but we already had latitude and longitude in the events so we didnt need the lookup.

You may be tripped up by the same thing I was, which is that while the lookup outputs lots of fields, the only fields the GoogleMaps module looks for are "_lat" and "_lng".

(Note the underscores and also note especially the lack of "o" in "_lng". )

Feed this to the GoogleMaps module and it should work. 

<your search> | eval _lat=Latitude | eval _lng=Longitude
Reply
Solved! Jump to solution

ziegfried
Influencer
‎06-24-2011 04:05 AM

Please note: In the new version you have to use the _geo field with the combined lat/lng value:

<your search> | eval _geo=Latitude+","+Longitude
Reply
Solved! Jump to solution

DotTest37
Path Finder
‎04-27-2011 09:50 PM

Thanks for assisting me Nick!
Your suggestion worked perfect.

0 Karma
Reply
Get Updates on the Splunk Community!

Enhance Your Splunk App Development: New Tools & Support

UCC FrameworkAdd-on Builder has been around for quite some time. It helps build Splunk apps faster, but it ...

Prove Your Splunk Prowess at .conf25—No Prereqs Required!

Your Next Big Security Credential: No Prerequisites Needed We know you’ve got the skills, and now, earning the ...

Splunk Observability Cloud's AI Assistant in Action Series: Observability as Code

This is the sixth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how to ...