Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to plot choropleth data on maps? I have data from multi-cloud in respective index.

sh254087
Communicator
‎05-26-2023 09:34 AM

I am trying to understand how I can plot my multi-cloud subscription/service consumption data from different geo regions, on a clustered choropleth map visualization.

I have multi-cloud subscriptions with services provisioned and consumed from different regions. 

I want to know where to start with - from reading articles and documentation, I understand I should have longitude, latitude information in my data for each of the regions that I want to plot data for(at least, if not for all). None of my CSP data in respective indexes have this information. If I have to come up with a CSV, unsure  how I'll link them to get this to working. 

 

Anyone came across similar use-case?

 

Any help would be appreciated.

Labels (5)
Labels
Tags (3)
0 Karma
Reply

ITWhisperer
SplunkTrust
SplunkTrust
‎05-26-2023 11:46 PM

If you have a csv with the information, you can use lookup with a suitable key to retrieve the data relevant to each event

0 Karma
Reply

sh254087
Communicator
‎05-29-2023 04:49 AM

To keep it simpler, just trying with AWS cloud, to begin with.

Here's how my region_coordinates.csv which has the region, latitude and longitude and other fields looks like -

sh254087_0-1685360686013.jpeg

I have services and their respective cost consumption data which looks like this (on a trellis-pie visualization, just used this to convey better)- 

sh254087_1-1685360700438.jpeg

I am trying to get thispie visualization on a map something like this - (referring to 'sample dashboard example' app) - 

sh254087_2-1685360716830.jpeg

Tried geom and geostats command but did not get expected output.

 

0 Karma
Reply

sh254087
Communicator
‎05-28-2023 10:28 PM

I have the cloud consumption information indexed in real-time. I do not (or can not) have the consumption information in a csv. I want this map to showcase the cloud consumption data across different regions in real-time. I can come up with a csv having long and lat values for each cloud-regions. I'm unsure how to link these two to come up with the map visualization.

0 Karma
Reply
Get Updates on the Splunk Community!

Combine Multiline Logs into a Single Event with SOCK - a Guide for Advanced Users

This article is the continuation of the “Combine multiline logs into a single event with SOCK - a step-by-step ...

Everything Community at .conf24!

You may have seen mention of the .conf Community Zone 'round these parts and found yourself wondering what ...

Index This | I’m short for "configuration file.” What am I?

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with a Special ...