All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Can iplocation be extended for new fields to use the ISP and Organization fields from a commercial MaxMind database?

ebailey
Communicator
‎02-15-2016 07:49 PM

We have a subscription for MaxMind and I am trying to figure out how to use the ISP and Organization fields from the database. Can iplocation be extended for new fields, or do I have to build an TA?

Thanks!

Reply

woodcock
Esteemed Legend
‎02-15-2016 08:51 PM

Have you tried the apps?
https://splunkbase.splunk.com/apps/?search=Maximimd#/order/relevance/search/Maxmind

0 Karma
Reply

ebailey
Communicator
‎02-15-2016 09:10 PM

Working on the SecKit App which appears to be broken out of the box, but a good starting point. I am close to having it working. I was hoping that the iplocation command could be extended. Thanks!

Reply

woodcock
Esteemed Legend
‎02-16-2016 07:29 AM

If it works out, click "Accept" to close the question.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Lantern | Getting Started with Edge Processor, Machine Learning Toolkit ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...

Enterprise Security Content Update (ESCU) | New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 2 releases of new security content via the ...

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We are happy to announce the 20 lucky questers who are selected to be the first round of Champion's Tribute ...