Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

iplocation command not working

krish3
Contributor
‎02-12-2014 02:07 PM

Hi,

I am using splunk enterprise 6.0 and i used iplocation command on a index using the following command and it just returned the results fine.

index=idx1 sourcetype=access_combined ....| iplocation prefix=iploc_ allfields=true clientip

Now I am using the same command on different index and different sourcetype its not working.

index=idx2 sourcetype="access_*" .... | iplocation clientip

There are no interesting fields column in the search results page?? Any idea why is this happening.
Thanks,

0 Karma
Reply

hagjos43
Contributor
‎06-02-2014 12:20 PM

Splunk 6.1 has changed the iplocation a bit.

.... | iplocation clientip | stats count by Country, Region

works natively now 🙂

Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...