I am on splunk cloud and have been using this functionality which is pretty useful to determine what timezone our users are in. It just seems to have stopped since last Tuesday we just got our environment upgraded to Version:8.2.2203.4
it is returning the fields for timezone and metro but no data
Any ideas ? (where x.x.x.x = ip address)
| makeresults 1
| eval src_ip = "x.x.x.x"
| iplocation src_ip allfields=true
| transpose
gives
| column |
row 1 |
| City |
Houston |
| Continent |
North America |
| Country |
United States |
| MetroCode |
|
| Region |
Texas |
| Timezone |
|
| _time |
1663100176 |
| lat |
29.7604 |
| lon |
-95.3698 |
| src_ip |
x.x.x.x |
I've raised a case but interested if anyone else has experienced this
