Knowledge Management

Presenting IP addresses as hostnames from CSV file

ac89live
Explorer

Hello

I'm new to Splunk community and I'd like to start using Splunk as a syslog server for all traffic generated from our firewall.

We'd like to send all the logs from the firewall to the Splunk machine, using the FortiGate add-on.

 

Our firewall is sending the traffic log as source/destination IP address format, and we'd like to present it in the Splunk dashboard as hostnames. Like every IP subnet presented as a name. for example:

-- all source IPs from subnet 192.168.1.0/24 presented in Splunk dashboard as : company1_123_PO1_region1

-- all source IPs from subnet 192.168..2.0/24 presented in Splunk dashboard as : company2_321_PO2_region2

We already have a csv file which has all this information.

How can we accomplish this task?

 

Thanks

Labels (2)
0 Karma
1 Solution

thambisetty
SplunkTrust
SplunkTrust

https://www.youtube.com/watch?v=cwEzgY0lAts&t=462s

————————————
If this helps, give a like below.

View solution in original post

thambisetty
SplunkTrust
SplunkTrust

https://www.youtube.com/watch?v=cwEzgY0lAts&t=462s

————————————
If this helps, give a like below.
Get Updates on the Splunk Community!

AppDynamics Summer Webinars

This summer, our mighty AppDynamics team is cooking up some delicious content on YouTube Live to satiate your ...

SOCin’ it to you at Splunk University

Splunk University is expanding its instructor-led learning portfolio with dedicated Security tracks at .conf25 ...

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Organizations handling credit card transactions know that PCI DSS compliance is both critical and complex. The ...