Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Are there addons for Splunk geolocating devices?

jip31
Motivator
‎09-29-2022 08:44 AM

Hello

I have basic questions about hte way to geolocate devices with Splunk

Is an addon exists?

If not, is it possible to correlate a tool like NetDB with Splunk using DB Connect?

https://web.stanford.edu/group/networking/netdb/help/prod/netdb.html

If yes, what are the prerequesites for doing this?

Thanks

Labels (1)
Labels
Tags (1)
0 Karma
Reply

richgalloway
SplunkTrust
SplunkTrust
‎09-29-2022 09:51 AM

I don't see an app on splunkbase, but that doesn't mean you can't use the NetDB API to create one.

If there's a JDBC driver for NetDB then you may be able to use DB Connect.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

andrew_nelson
Path Finder
‎09-29-2022 09:41 AM

For public IP address space, Splunk comes with an | iplocation function with data accurate as of the Splunk package being published.
iplocation - Splunk Documentation

The documentation comes with info on how to update the database. 

0 Karma
Reply

jip31
Motivator
‎09-29-2022 10:24 PM

OK but it will do no work for me because it's not public adress but internal adress

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Join Principal Threat Researcher, Michael Haag, as he walks through:An introduction to the Splunk Threat ...

Splunk Life | Happy Pride Month!

Happy Pride Month, Splunk Community! 🌈 In the United States, as well as many countries around the ...

SplunkTrust | Where Are They Now - Michael Uschmann

The Background Five years ago, Splunk published several videos showcasing members of the SplunkTrust to share ...