Cyber Chasse - Geostats Command

How to Use Geostats Command to Show Results on Map

This blog helps you learn more about the geostats command. Visualizing web traffic on a geographic map offers valuable information about website traffic, customer activity, and security monitoring. With the help of Splunk, log data containing IP addresses is transformed into a real-time geographical map. To generate a normal Splunk map, you need to specify the type of data you want to analyze and the way to dig into the data.

The ‘iplocation’ command reads the ‘clientip’ field of each record, looks up the geographical location of the IP address, and adds fields such as country, city, region, latitude, and longitude. The geostats command then sorts the data into bins based on latitude and longitude and plots it on the map.

Hence, the purpose of the geostats command is to generate a statistics table for geographic data and display that data on maps. The command has many different arguments, some of which are listed below.

  • latfield – Name of the field that contains the latitude data to analyze. The default value is ‘lat’.
  • longfield – Name of the field that contains the longitude data to analyze. The default value is ‘lon’.
  • outputlatfield – Sets the name of the latitude field in the output created by the geostats command. The default value is ‘latitude’.
  • outputlongfield – Sets the name of the longitude field in the output created by the geostats command. The default value is ‘longitude’.
  • stats-functions – Specifies aggregate functions such as count, avg, sum, etc. for statistical analysis.
 
Note: Fields containing latitude and longitude values are mandatory for applying the geostats command.
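The pipeline described above, written out as a search (an added example, not taken from the original post): ‘iplocation’ enriches each event from its ‘clientip’ field, events that received no coordinates are filtered out, and geostats bins the rest using the default ‘lat’ and ‘lon’ fields. The four events, their IP addresses, and the ‘status’ values are constructed sample data, and the coordinates returned depend on the IP location database installed with your Splunk instance.

```spl
| makeresults count=4
| streamstats count AS n
| eval clientip=case(n==1, "8.8.8.8", n==2, "8.8.8.8", n==3, "1.1.1.1", n==4, "10.0.0.5")
| eval status=case(n==4, "500", n==2, "404", true(), "200")
| iplocation clientip
| where isnotnull(lat) AND isnotnull(lon)
| geostats latfield=lat longfield=lon count by status
```

On real data, replace the first four lines with a base search over your web access logs that extracts a ‘clientip’ field. The private address 10.0.0.5 gets no ‘lat’ or ‘lon’ from ‘iplocation’, so internal traffic never appears on the map and has to be reviewed separately.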


  • Choose the Visualization tab, followed by the Cluster Map option.
  • Set the Longitude and Latitude values under the Visualization options to display only a specific area. You can either set values of your own or obtain them from the option ‘Populate with current map settings’.
  • You can also choose the Street Map by Tiles option: choose the option ‘Populate from preset configuration’ followed by Open Street Map.
 
 
 
If you still face issues with this topic, do not hesitate to post your queries in the Comment Box below. Also, for more interesting info, follow us on social networks. Happy Splunking!