Splunk Search

How to use iplocation to search for instances of a specific city or region?

mgp173455
Loves-to-Learn

Hello, 

I am trying to use iplocation to search for instances of a specific city or region for example: 

* iplocation ipaddress Region="region" 

Instead of returning that specific region it will return all regions. Can anyone tell me if this is a bug or am I missing something? 

Thanks 

Labels (2)
Tags (1)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

The iplocation command does not have a region option.

iplocation [prefix=<string>] [allfields=<bool>] [lang=<string>] <ip-address-fieldname>

See https://docs.splunk.com/Documentation/Splunk/8.0.4/SearchReference/Iplocation 

---
If this reply helps you, Karma would be appreciated.
0 Karma

mgp173455
Loves-to-Learn

2DA9842C-92D5-4E27-B93D-4E3BD694D3B9.png

Hi thank you for your reply! 

Ahh I see. From my understanding  the documentation displays a region field with a prefix iploc_ to help distinguish from other fields that might already be present with the same name. 

In my case I don’t have a previous region field so I don’t use the prefix query. Could you provide more insight as to why a prefixed field might be displayed if not supported? (i.e. I have tried doing this with iploc_Region as well) 

 

Any help is much appreciated!

0 Karma

richgalloway
SplunkTrust
SplunkTrust
Region/iploc_region are *output* fields, not input fields. They're part of the results, not part of the command.
---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Unlock New Opportunities with Splunk Education: Explore Our Latest Courses!

At Splunk Education, we’re dedicated to providing top-tier learning experiences that cater to every skill ...

Technical Workshop Series: Splunk Data Management and SPL2 | Register here!

Hey, Splunk Community! Ready to take your data management skills to the next level? Join us for a 3-part ...

Spotting Financial Fraud in the Haystack: A Guide to Behavioral Analytics with Splunk

In today's digital financial ecosystem, security teams face an unprecedented challenge. The sheer volume of ...