Hi ! I am new to splunk, and just started recently.
I have some RSS feeds implemented into Splunk through "Syndication", and I was wondering on how I can extract countries from the feeds as there is no longitude/latitude ?
Edit //
There is no IP addresses either. sourcetype=syndication, I guess there is a need for this in order to show and extract the country out from the feeds in syndication
Here's an example of a raw feed.
summary=" Russia is engaged in wide-ranging information warfare operations aimed at undermining the United States, and the federal government has few defenses against the attacks, "
In this case, I would like to extract the country "Russia" and add a count to it and show it on a map.
Sorry for being vague, I would give more information if needed, because I don't know where I am being vague at
... View more