Splunk Search

Testing mmdb file in Splunk is there a command recommendation for risk scoring?


I am currently attempting to test the GeoIP2-Anonymous-IP.mmdb file out in Splunk.
I know we can either place it in a shared folder or create a path in limits.conf but once that is done is there a particular command to pull the risk scoring? Or should this be used as a lookup table instead?

0 Karma
Get Updates on the Splunk Community!

Tips & Tricks When Using Ingest Actions

Tune in to learn about:Large scale architecture when using Ingest ActionsRegEx performance considerations ...

Announcing Our Splunk MVPs

We are excited to announce the first cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Dashboard Studio Challenge - Learn New Tricks, Showcase Your Skills, and Win Prizes!

Reimagine what you can do with your dashboards. Dashboard Studio is Splunk’s newest dashboard builder to ...