Hiii guys
i have a problem with maxmind application
when i use this query:
host="ids"|lookup geoip clientip as "Source Address"|table "Source Address" client_city
i am getting following error
"Script for lookup table 'geoip' returned error code 1. Results may be incorrect."
I removed the lookup field, but now I am getting error "Unknown search command 'geoip'"
before using lookup we have to create anything for that query..
i am new to splunk pls help me..
thanks in advance..