All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Alternative to GeoASN ?

dm1
Contributor
‎11-30-2025 06:55 PM

Since geoASN has been long gone, can anyone please suggest what is a better alternative to it ?

Mainly need the ASN info for an IP.

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

max-ipinfo
Explorer
‎12-05-2025 09:43 AM

Feel free to use the IPinfo Splunk app. It comes with robust country and ASN information for free. The ASN data is backed by BGP announcements pointing to original ownership and authority, and is enriched with WHOIS data. 

Here is the documentation to get started:

https://ipinfo.io/developers/splunk 

You need to set up the IPinfo Lite API or the database download (preferable).

maxipinfo_0-1764956582170.png

App link: https://splunkbase.splunk.com/app/4070

 

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

max-ipinfo
Explorer
‎12-05-2025 09:43 AM

Feel free to use the IPinfo Splunk app. It comes with robust country and ASN information for free. The ASN data is backed by BGP announcements pointing to original ownership and authority, and is enriched with WHOIS data. 

Here is the documentation to get started:

https://ipinfo.io/developers/splunk 

You need to set up the IPinfo Lite API or the database download (preferable).

maxipinfo_0-1764956582170.png

App link: https://splunkbase.splunk.com/app/4070

 

0 Karma
Reply
Solved! Jump to solution

dm1
Contributor
‎12-21-2025 06:16 PM

I am getting this SyntaxError  while using the IPinfo Splunk App on my Splunk Enterprise instance.

Environment Details:

  • Splunk Version: 9.2.2

  • App Name: IPinfo Splunk App

  • OS: Linux

Problem Description: When running the ipinfo command in a search, the command fails. Upon inspecting the search.log, I found that the external search command is exiting with a SyntaxError.

It appears the script ipinfo_command.py uses the assignment expression (Walrus Operator :=), which was introduced in Python 3.8. However, even on Splunk 9.2.2, the script is being invoked using the bundled Python 3.7 interpreter in my environment, leading to the following error:

ERROR ChunkedExternProcessor - stderr: File "/opt/splunk/etc/apps/ipinfo_app/bin/ipinfo_command.py", line 139
ERROR ChunkedExternProcessor - stderr: ip_addresses = [v.strip() for f in fields if (v := record.get(f)) and v.strip()]
ERROR ChunkedExternProcessor - stderr:                                                                   ^
ERROR ChunkedExternProcessor - stderr: SyntaxError: invalid syntax
ERROR ChunkedExternProcessor - Error in 'ipinfo' command: External search command exited unexpectedly with non-zero error code 1.

Tags (1)
0 Karma
Reply
Solved! Jump to solution

VatsalJagani
SplunkTrust
SplunkTrust
‎12-01-2025 05:29 AM

@dm1 - This App should help.

IPInfo App for Splunk - https://splunkbase.splunk.com/app/4070

 

Kindly upvote and accept the answer if this help !!

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas     Cisco Live 2026 is almost here, and this ...

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Hello Splunkers,   So you searched, “what is the name of the usb key inserted by bob smith?”  Not gonna lie… ...

Automating Threat Operations and Threat Hunting with Recorded Future

    Automating Threat Operations and Threat Hunting with Recorded Future June 29, 2026 | Register   Is your ...