I am executing a query in splunk which is below :
| makeresults | eval ip="$ip$" | makemv delim="," ip | mvexpand ip | ipinfo ip [ search "10.19.10.10", "%ASA-6-722023", dest="*" | fields dest | rename dest as ip]
but it is giving me following error
10 errors occurred while the search was executing. Therefore, search results might be incomplete
- Unrecognized option: ip=103.208.69.136
- Unrecognized option: ip=103.226.206.167
- Unrecognized option: ip=103.96.43.249
- Unrecognized option: ip=106.193.34.105
- Unrecognized option: ip=117.221.92.44
- Unrecognized option: ip=182.70.78.160
- Unrecognized option: ip=27.97.140.72
- Unrecognized option: ip=49.36.37.0
- Unrecognized option: ip=49.36.43.61
- Unrecognized option: ip=68.228.83.221
I have installed IPINFO app on splunk to get the carrier information.
