Splunk Search

Testing mmdb file in Splunk is there a command recommendation for risk scoring?


I am currently attempting to test the GeoIP2-Anonymous-IP.mmdb file out in Splunk.
I know we can either place it in a shared folder or create a path in limits.conf but once that is done is there a particular command to pull the risk scoring? Or should this be used as a lookup table instead?

0 Karma
.conf21 Now Fully Virtual!
Register for FREE Today!

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!