I have a CSV file ip_ranges that contains a list of ip_ranges along with the appropriate tag for that ip range. The CSV file is in the following format (data is made up for this example):
What I am trying to do is create a search that uses the lookup table ip_ranges and goes through the first column (excluding the first row which is field name/header) and checks to see if an IP address clientip (returned field from search results) falls within any of the ranges. If clientip falls in one of those ranges, the appropriate "tag" field is returned.
The end result of the search should be a table of two columns: Client IP and Tag. The purpose of the search is to automatically link IP address to tag.
I am a newcomer to the Splunk search language so anybody help/advice would be greatly appreciated.
... View more