Splunk Search

Testing mmdb file in Splunk is there a command recommendation for risk scoring?

Engager

I am currently attempting to test the GeoIP2-Anonymous-IP.mmdb file out in Splunk.
I know we can either place it in a shared folder or create a path in limits.conf but once that is done is there a particular command to pull the risk scoring? Or should this be used as a lookup table instead?

0 Karma