Splunk How-To: Creating a Custom Threat Map in Splunk

The following screencasts will show you how to build a custom threat map in Splunk using Splunk’s built-in Google Map features. Those features will then be customized to allow us to add skull icons that change size and color depending on how many times a specific IP address hits the firewall.




UFW logs are used for these examples, but feel free to use whatever you want as long as you can pull latitude and longitude data from your search. It is HIGHLY recommended that you be semi-proficient at Splunk searching and have some understanding of JavaScript in order to follow along easily.
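As an added illustration (not code from the screencasts), the JavaScript below shows the per-IP logic such a map relies on: count blocked hits per source address from UFW log lines, then pick an icon size and color from the count. The log lines are constructed, and the function names, thresholds, sizes and colors are assumptions; the latitude/longitude lookup is left to the Splunk search.

```javascript
// Constructed sample data: UFW-style kernel log lines using documentation-range IPs.
const ufw = (action, src, dpt) =>
  `Feb  4 10:12:01 fw kernel: [101.1] [UFW ${action}] IN=eth0 OUT= ` +
  `SRC=${src} DST=192.0.2.10 PROTO=TCP SPT=40000 DPT=${dpt}`;

const SAMPLE_LOG = [
  ufw("BLOCK", "203.0.113.5", 22),
  ufw("BLOCK", "203.0.113.5", 23),
  ufw("BLOCK", "203.0.113.5", 3389),
  ufw("BLOCK", "203.0.113.5", 445),
  ufw("BLOCK", "198.51.100.7", 23),
  ufw("ALLOW", "198.51.100.7", 443),                             // allowed traffic: not counted
  "Feb  4 10:12:09 fw sshd[811]: Connection closed by 203.0.113.5", // not a UFW entry
];

// Count [UFW BLOCK] entries per source IP; every other line is skipped.
function countHitsBySource(lines) {
  const hits = new Map();
  for (const line of lines) {
    if (!line.includes("[UFW BLOCK]")) continue;
    const m = /\bSRC=(\S+)/.exec(line);
    if (!m) continue; // malformed entry without a SRC field
    hits.set(m[1], (hits.get(m[1]) || 0) + 1);
  }
  return hits;
}

// Hypothetical tiers, ordered from highest threshold to lowest.
const TIERS = [
  { min: 10, size: 48, color: "red" },
  { min: 3, size: 32, color: "orange" },
  { min: 1, size: 16, color: "yellow" },
];

// Map a hit count to an icon size (pixels) and color; null means "no marker".
function markerStyle(count) {
  const tier = TIERS.find((t) => count >= t.min);
  return tier ? { size: tier.size, color: tier.color } : null;
}

// One marker descriptor per source IP, noisiest sources first.
function buildMarkers(lines) {
  return [...countHitsBySource(lines)]
    .map(([ip, count]) => ({ ip, count, ...markerStyle(count) }))
    .sort((a, b) => b.count - a.count);
}
```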

Part 1

Part 2

Part 3



